Cloud Village is an open space to meet folks interested in offensive and defensive aspects of cloud security.

CFP for DEF CON 32 Contribute/Volunteer Become a Sponsor


Cloud village is an open space to meet folks interested in offensive and defensive aspects of cloud security. The village is home to various activities like talks, workshops, CTFs and discussions targeted around cloud services.

If you are a professional who is looking to gain knowledge on securely maintaining the cloud stack and loves to be around like-minded security folks who share the similar zeal towards the community, Cloud Village is the perfect place for you.

Cloud Village will be in-person at DEF CON 32, Las Vegas Convention Center.

Hope to see you all there!

Crew Members:

CFP Review Panel:

Cloud Village CTF

Cloud Village CTF @ DEF CON 32: 9th & 10th August 2024

CTF start - 9th August 2024

CTF close - 10th August 2024

Registrations Open - TBA

CTF Site - TBA

If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!

Our CTF is a two days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.

You can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D

See you on the other side!

Schedule (DEF CON 30)

10:00 - 10:10 PDT

Opening Note

10:10 - 10:50

Gone in 60 Seconds… How Azure AD/Entra ID Tenants are Compromised

10:50 - 11:30

Catch them all! Detection Engineering and Purple Teaming in the Cloud

11:30 - 12:10

The Oracle Awakens: Demystifying Privilege Escalation in the cloud

12:10 - 12:30

One Port to Serve Them All - Google GCP Cloud Shell Abuse

12:30 - 13:00

Cloud Offensive Breach and Risk Assessment (COBRA)

13:00 - 13:25

ExploitIfNotExists: Privilege Escalation & Persistence with Azure Policy

13:25 - 14:00

Exploit K8S via Misconfiguration .YAML in CSP environments

14:00 - 14:30

UnOAuthorized: Discovering the path to privilege elevation to Global Administrator

14:30 - 15:10

Attacking and Defending Software Supply Chains: How we got Admin in your Clouds!

15:10 - 15:40

Epyon - Attacking DevOps environments

15:40 - 17:40

Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity

10:00 - 10:30

GCPwn: A Pentester's GCP Tool

10:30 - 11:10

Terraform Unleashed: Crafting Custom Provider Exploits for Ultimate Control

11:10 - 11:50

Identity Theft is not a Joke, Azure!

11:50 - 12:15

One Click, Six Services: Abusing The Dangerous Multi-service Orchestration Pattern

12:15 - 12:40

Finding Holes in Conditional Access Policies

12:40 - 13:10

Revealing Choke Points: Practical Tactics for Boosting Cloud Security

13:10 - 13:50

Runtime Reachability: Prioritizing Vulnerabilities with eBPF & Continuous Profiling

13:50 - 15:50

Connecting the Dots: Mastering Alert Correlation for Proactive Defense in the Cloud

16:00 - 18:00

Exploiting common vulnerabilities in AWS environments

10:00 - 10:35

Cloud Tripwires: fighting stealth with stealth

10:35 - 11:10

Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access


Creating Azure Policy Compliant Backdoor

11:45 - 12:20

The Rise of the Planet of the Agents: LLM-based AI Agents and Cloud Security APIs

12:20 - 12:40

Unexpected Leaks in AWS Transit Gateways

12:40 - 13:00 PDT

Closing Note

Talks (DEF CON 30)

Speaker: Sean Metcalf

Date: 09 Aug

Time: 10:10 - 10:50

X: @PyroTek3


Sean Metcalf is founder and CTO at Trimarc (, a professional services company which focuses on improving enterprise security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) Active Directory certification, is a former Microsoft MVP, and has presented on Active Directory, Azure AD/Entra ID, & Microsoft Cloud attack and defense at security conferences such as Black Hat, Blue Team Con, BSides, DEF CON, DerbyCon, Troopers, & the internal Microsoft BlueHat security conference. Sean is also a co-host on the popular weekly podcast Enterprise Security Weekly streamed live every Thursday with recordings available on YouTube. You may have read some of his Active Directory & Azure AD security articles on his site,


60 seconds. 1 minute.

That's all it takes for an attacker to compromise an account with access.
And the account doesn't even need to have obvious privileged rights for the attacker to own the cloud environment.

Then, once they get Global Admin rights to Azure AD/Entra ID, it's game over since they have full admin rights, access to all data, and can easily pivot to control all Azure subscription services and content.

This talk walks through the most common ways that attackers compromise the Microsoft Cloud, specifically Azure AD/Entra ID and how to mitigate these attack techniques.

Join me in this journey of attacker methods involving account compromise of admin and user accounts, including interesting pairing of role rights, application permissions, and Conditional Access gaps.

So go beyond Global Administrator to better understand the Entra ID roles that really matter in the tenant and how application permissions provide attacker opportunity in most environments!

Attendees will learn both Azure AD/Entra ID attack and defense during this session.

Speaker: Christophe Tafani-Dereeper

Date: 09 Aug

Time: 10:50 - 11:30

X: @christophetd


Christophe lives in Switzerland and works on cloud security research and open source at Datadog. He previously worked as a software developer, penetration tester and cloud security engineer. Christophe is the maintainer of several open-source projects such as Stratus Red Team, GuardDog, CloudFlair, Adaz, and the Managed Kubernetes Auditing Toolkit (MKAT).


Where to start looking for attackers in a cloud environment? In a world where cloud providers have hundreds of services and thousands of API calls, getting started can feel overwhelming.

In this talk, we lay out the foundations of a modern detection engineering program built and tailored for the cloud, such as threat-informed defense based on real-world attacker activity, emulating common attacker behavior, shortening feedback loops to validate telemetry, and continuous end-to-end testing of threat detection rules. Additionally, we introduce a new open-source project, Grimoire, which allows leveraging pre-built datasets of AWS CloudTrail logs for common attacks.

You'll gain a hands-on, actionable understanding of how to start identifying threats in your cloud environment, or improve your existing process.

Speaker: Felipe Pr0teus, Lucas Cioffi

Date: 09 Aug

Time: 11:30 - 12:10

X: @Pr0teusBR


Felipe Espósito also known as Pr0teus, graduated in Information Technology at UNICAMP and has a master's degree in Systems and Computing Engineering from COPPE-UFRJ, both among the top technology universities in Brazil. He has over ten years of experience in information security and IT, with an emphasis on security monitoring, networking, data visualization, threat hunting, and Cloud Security. Over the last years he has worked as a Security Researcher for Tenchi Security, a Startup focused in third-party risk management, he also presented at respected conferences such as Hackers 2 Hackers Conference, BHACK, BSides (Las Vegas and São Paulo), FISL, Latinoware, SecTor, SANS SIEM Summit, and Defcon's CloudSec and Recon Village.

Lucas Cioffi has been working with cybersecurity for 7 years, and focused in Cloud for the last 3. He has a blog where he shares tips and tricks for Cloud Security, and has published some open-source tools. He was a Cloud Security lecturer for a brazilian college in 2022, and is currently pursuing a Masters degree at USP.


In this talk, we explore privilege escalation mechanisms and paths within Oracle Cloud. Privilege escalation, the process by which an attacker gains elevated access and permissions beyond those intended by the cloud administrator, poses a significant threat in cloud environments and can significantly aid an attacker or pentester.

Our discussion will focus on identifying privilege escalation paths, understanding how cloud administrators can misconfigure policies, and the methods attackers can use to exploit these vulnerabilities. Through carefully designed scenarios and real-world examples, attendees will learn to recognize signs of privilege escalation, thereby enhancing their security posture.

Speaker: Wooseok Kim, Changhyun Park

Date: 09 Aug

Time: 13:25 - 14:00

X: @woooseokkim


Wooseok Kim - Goorm | Site Reliability Engineer | K8S, CSP | SKKU

Changhyun Park - MatchGroup | Hyperconnect | Security Compliance Analyst | Cloud, GRC | SKKU


In this presentation, we researched vulnerable security configurations that enable attacks on Kubernetes (K8s) clusters and examined how these settings can be exploited in CNCF projects. Kubernetes (K8s) uses YAML files to manage various security settings, leading to potential attacks such as information leakage, excessive permission acquisition, and container escape.

Initially, this study focused on three security configuration areas in K8s: RBAC, HostPID, and Security Context. We explained the threats present if vulnerable settings are included.

  1. - RBAC: Excessive permission in K8s resources allows sensitive information theft or access to other nodes
  2. - HostPID: Access to node process information enables container escape attacks
  3. - Security Context: Incorrect security settings enable node escape and host access

Next, we created patterns for identifying weak security settings through YAML files. To do this, we conducted a literature review and expanded the vulnerable patterns centered on RBAC proposed in various papers. Additionally, we included other security settings (HostPID, Security Context).
[Our Pattern vs Paper Pattern]
  1. 1. RBAC:
    • - Our: Daemonset, Deployment SA > node Patch and Secret Get/List
    • - Paper: Daemonset > node Patch and Secret Get/List
  2. 2. Kind:
    • Our: Cluster Role, Role, Role Binding
    • Paper: Cluster Role
  3. 3. Other Security configurations:
    • - Our: HostPID, SecurityContext
    • - Paper: X
Utilizing these patterns, we examined over 150 widely-used 3rd-party CNCF projects in K8s, discovering more than 50 instances of vulnerable patterns.
We provide detailed demonstrations of three scenarios for seizing nodes or clusters by using the discovered patterns to set Base Attack conditions.

[Base Attack Conditions]
  • - RBAC > Demonset / Deployment > Service Account > Secret (Get/List) or Node(Patch)
    [Exploit Scenario]
  • - Stealing Tokens using Pods with excessive privileges
  • - Node Take over via 1 Day (CVE-2022-42889) or hostPID: True or Security Context
  • - Take over of another node or cluster using the Service Account Token on the deodorized node

Additionally, we are aware that 3rd-Party CNCF projects are widely used for convenience when operating K8S in CSPs (AWS, Azure, GCP). Since scenarios can occur in a CSP environment, we demonstrate in more detail.
Finally, based on these research results, we share vulnerable patterns with project owners to collaborate on patching and issue tracking. Before the presentation, we plan to share any reporting on CVEs and patch notes.

Speaker: Eric Woodruff

Date: 09 Aug

Time: 14:00 - 14:30

X: @ericonidentity


Throughout his 24-year career in the IT field, Eric has sought out and held a diverse range of roles, including technical manager in the public sector, Sr. Premier Field Engineer at Microsoft, and Security and Identity Architect in the Microsoft Partner ecosystem. Currently he is a Sr. Cloud Security Architect working as part of the Security Research team at Semperis. Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. Outside of work, Eric supports the professional community, providing his insights and expertise at conferences, participating on the IDPro Body of Knowledge committee, and blogging about Entra and related cloud security topics.


For customers of Microsoft 365 and Azure, obtaining the role of Global Administrator (GA) is every attacker's dream - it is the Domain Administrator of the cloud. This makes Global Administrator every organization's nightmare of being owned by a threat group or hacker. Luckily, well-defined role-based access control and a strict application consent model can severely limit who gets their fingers on Global Administrator - or does it?

This talk explores a novel discovery that resulted in privilege elevation to Global Administrator in Entra ID (Azure AD). Part conversation about the research background, part discussion of the foundational components involved, this talk will walk step-by-step through the path to privilege elevation, and owning Global Admin.

Speaker: Mike Ruth

Date: 09 Aug

Time: 14:30 - 15:10

X: @MF_Ruth


Mike is a Senior Staff Security Engineer at Rippling, where he works on securing the world’s best All-In-One HR & IT Platform. Previously the technical lead for Infrastructure Security at companies such as Brex & Cruise, Mike has over thirteen years of experience securing, designing, and deploying cloud infrastructure & SaaS services.


This talk will explore how default configurations in reference architectures of our most commonly used software supply chain services can lead to a handful of unsavory outcomes including secrets exfiltration, lateral movement, and privilege escalation within production cloud and SaaS environments. We'll take a close look at how many of the interactions between people and CI|CD services are not as safe as we think. Some examples we’ll look at:

  • - Abusing PRs against Github repositories allows for execution of code prior to code review & merge, for all downstream services (GH Actions, Buildkite, & Terraform)
  • - Multi-tenant infrastructures in CI like Buildkite lead to over-authorization & access to production cloud secrets
  • - Lacking Pipeline Based Access Control (PBAC) in CI services like Buildkite leads to code execution in production cloud environments

After we identify the pitfalls in our by-default configurations, we’ll demonstrate how best to modify them using available tools, services, & best practices.

Speaker: Alex Foley, Rupali

Date: 10 Aug

Time: 10:30 - 11:10

X: @rupali0405


Alex Foley is a broadly experienced information technology and security professional with over 25 years of experience planning, managing, implementing, securing, supporting, and scaling diverse technology platforms and teams. He is currently the founder of security and serves as Vciso to over 100 Plus startups focusing on cloud security posture management , architecture review and Compliance standards. Over the course of his career, he's had the opportunity to wear many hats and do "all the things" within product development and operations. This broad experience has enabled Alex to bring this depth of understanding to the CISO role for multiple organizations.

Rupali brings over 8 years of cybersecurity experience, specializing in penetration testing and red teaming. Currently a Lead Security Architect at security, she oversees cloud security and penetration testing engagements. Her credentials include notable certifications like OSCP, OSWE, AWS Security Specialist, and GCPN. She has presented at prominent conferences like Black Hat Asia, DevSecCon, and CoCon.


Terraform is a leading Infrastructure as Code (IaC) solution. It empowers developers to create custom providers for provisioning a wide array of infrastructure resources. Terraform provider functions as binary files on the server and interacts with terraform binary through RPC communication during terraform run. These providers, running as binary files on the Terraform server, enable developers to build custom functions that could be exploited to gain unauthorised access, potentially compromising the Terraform server, and exposing sensitive credentials and data.

In this talk, we'll explore the inner workings of custom provider modules and how their functions can be leveraged to exploit vulnerabilities in Terraform Enterprise. We will also cover developing a custom provider and utilities the same for gaining access to the terraform server extracting the cloud credentials. We will also present various architectural solutions around TFE and best practices for minimising these attack vectors. Furthermore, the session will provide actionable steps for assessing the security posture of custom providers to ensure a robust defence.

Speaker: Karl Fosaaen

Date: 10 Aug

Time: 11:10 - 11:50

X: @kfosaaen


As a VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI's Portland, OR team. Karl has a Bachelors of Computer Science from the University of Minnesota and has been in the security consulting industry for 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book "Penetration Testing Azure for Ethical Hackers" with David Okeyode.


As Azure services continue to expand and evolve, their associated authentication methodologies have also changed. Having mostly moved away from storing credentials in cleartext, most Azure services utilize Managed Identities to offer a more secure approach to access management. However, Managed Identities can bring their own challenges and risks.
In this talk, we delve into the nuanced landscape of Managed Identities across multiple Azure services. We explore how attackers exploit access to services with these identities to escalate privileges, move laterally, and establish persistence within Azure tenants. We will also provide helpful tips for defenders trying to identify these attacks. Finally, we will showcase a tool designed to automate attacks against User-Assigned Managed Identities.

Speaker: Sam "Frenchie" Stewart

Date: 10 Aug

Time: 13:10 - 13:50

X: @nffrenchie


Frenchie is the founder & CEO of Ensignia Security. Previously: InfraSec @ Brex/Cruise/Culture Amp. He has previously presented on cloud, cluster, container & CI/CD security (anything starting with a C, really) at BSidesSF/Melbourne/Canberra, ProjectDiscovery's Hardly Strictly Security and Kiwicon conferences, amongst others. Frenchie is far too biased to answer this question, and instead chooses to break the 4th wall.


As security engineers, managing risk means making informed decisions about which vulnerabilities to address first. We are often too time constrained, and the signal-to-noise ratio of current SAST/SCA tooling is too low.

This talk introduces "Runtime Reachability," a novel approach that leverages Continuous Profiling via eBPF to quantify how often a vulnerable method/codepath is called, in actual production usage. By understanding the runtime behavior of applications, security teams can effectively filter out low-likelihood vulnerabilities, prioritize fixes more effectively, reduce toil & the overall risk to their organization.

Speaker: Jenko Hwong

Date: 11 Aug

Time: 10:00 - 10:35

X: @jenkohwong


Jenko Hwong is a Principal Researcher on Netskope's Threat Research Team, focusing on cloud threats/vectors and identity abuse. He's spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.


Cloud attacks continue to evolve e.g., AWS enumeration without logging (Fourchette), Azure OAuth tokens used for EoP and persistence (Blizzard), Cloud Shell backdoors, code abuse in GSuite scripting (Bryant), and tool evolution (Rhinolabs pacu), with current defensive approaches of lagging further and further behind.

This talk covers research and tooling to improve cloud defenses in AWS, Azure, and GCP, using more stealthy measures which complement existing techniques. We call the approach cloud tripwires, which involves stealthy defensive techniques that can provide low-FP detections of malicious actors.

Through analysis of cloud provider IAM design, published attack techniques and common attack tools, we show multiple stealthy detection techniques such as: restricted admin roles that are not used by valid users; seeding of the restricted admin roles in regular user policies; honey resources (buckets, files) with detections to flag access; seeding of honey resources within user policies; cached honey credentials seeded in CLI installations in external client environments, EC2 instances, and Cloud Shells; unrestricted cross-account roles to restricted accounts; metadata proxy/iptables config on EC2 instances that issue restricted temporary tokens; and full CRUD/reporting/auditing functionality.

Speaker: Nick Frichette

Date: 11 Aug

Time: 10:35 - 11:10

X: @Frichette_n


Nick Frichette is a Staff Security Researcher at Datadog, where he specializes in offensive AWS security. He is known for finding multiple zero-day vulnerabilities in AWS services and regularly publishing on new attack techniques. In addition to his research, Nick is the creator and primary contributor to Hacking the Cloud, an open source encyclopedia of offensive security capabilities for cloud environments. He is also a part of the AWS Community Builder Program, where he develops content on AWS security.


In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.

Traditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.

We will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services. Covering how roles associated with Amazon Cognito and GitHub Actions could be misconfigured to allow anyone in the world to access them. From here, we’ll cover a vulnerability we found in AWS Amplify which exposed IAM roles associated with the service to takeover, allowing anyone the ability to assume these roles.

Finally, we will also look at a worst-case scenario: what happens when an attacker finds a confused deputy vulnerability and is able to assume roles in other accounts? Sounds far-fetched? We’ll cover a real world example of a vulnerability we found in AWS AppSync that lets us do just that. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like this one.

Join us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.

Speaker: Viktor Gazdag

Date: 11 Aug

Time: 11:10-11:45

X: @wucpi


Viktor Gazdag has worked as pentester and security consultant for 9 years, lead cloud research working group and M365 capability service. He has reported numerous vulnerabilities in products and plugins from companies such as Oracle, SAP, Atlassian, Jenkins, CloudBees Jenkins, JetBrains, Sonatype. He gave talks about CI/CD security at DevOps World, Black Hat USA, DefCon and DoD CyberDT XSWG. He holds multiple AWS/Azure/GCP, Infra as Code, DevOps and Hacking certs and Jenkins Security MVP award.


Azure Policy is a built-on service that helps creating security and compliance policies to enforce organizational standards in the cloud environment. It evaluates resources by comparing the properties of the resources and with the help of remediation tasks, it can fix or remediate any issues with those resources. Have you ever wondered if you could abuse or bend these policies? Can you do more than just listing the storage accounts with public access and not be in the logs? How about creating a backdoor?

In this talk I will answer these questions by talking about what Azure Policy is, how to write one, what the logs contain, what permission you need, what does resource enumeration could look like etc. At the end I will present a proof-of-concept solution to bend the Azure Policy and create a backdoor account in Azure.

Speaker: Roberto Rodriguez

Date: 11 Aug

Time: 11:45 - 12:20

X: @Cyb3rWard0g


Roberto Rodriguez, also known as Cyb3rWard0g in the Infosec community, is a respected security researcher at the Microsoft Security Research organization. He is well-known for his contributions to the field, including the creation of influential open-source projects such as the Threat Hunter Playbook, Security Datasets, OSSEM, SimuLand and ATT&CK Python Client. Roberto's work has had a significant impact on the cyber security community, promoting proactive threat hunting and knowledge sharing. His expertise and dedication have made a lasting impact on the industry and has helped shape the future of cyber security.


In the rapidly evolving domain of cloud security, the ability to dynamically interact with cloud services is crucial for security teams. Understanding cloud APIs is key to effectively managing everything from administrative tasks to security operations. Security researchers often face the challenge of selecting from numerous API definitions. What if there was a system capable of autonomously selecting the right APIs and intelligently chaining them to achieve specific goals?

In this presentation, I will share insights from my research on LLM-based AI agents. These agents utilize LLMs as reasoning engines, enabling them to handle complex tasks in natural language and autonomously determine their next actions based on user input and previous interactions. I will explain how we can transform Microsoft Graph API definitions into schemas that align with LLM function-calling capabilities. This transformation allows an LLM to select the appropriate tools and supply the correct arguments for an AI agent to execute. By integrating generative AI with cybersecurity, we can automate tasks and discover new ways to chain APIs for various operations, significantly enhancing the capabilities of security researchers to innovate in security operations and automation.

Speaker: Mohammed Ilyas Ahmed, Syed Aamiruddin

Date: 09 Aug

Time: 15:40 - 17:40

X: @beingilyasahmed


Mohammed Ilyas Ahmed is an industry professional with extensive expertise in security within the DevSecOps domain, where he diligently works to help organizations bolster their security practices. With a fervent dedication to enhancing security posture, Mohammed's insights and guidance are invaluable to those navigating the complex landscape of DevSecOps. In addition to his involvement in industry events, Mohammed is an active speaker and judge, lending his expertise to technical sessions at prestigious conferences. His commitment to advancing knowledge is evident through his research contributions at Harvard University, where he contributes to journal publications, enriching the academic discourse surrounding security practices, and as a distinguished member of the Harvard Business Review Advisory Council, underscores his commitment to advancing knowledge and fostering collaboration between academia and industry.
Mohammed Ilyas Ahmed's influence extends even further as a Member of the Global Advisory Board at Vigitrust Limited, based in Dublin, Ireland. This additional role highlights his international reach and his involvement in shaping global strategies for cybersecurity and data protection.
Mohammed's dedication to excellence is further highlighted by his numerous certifications, which serve as a testament to his proficiency and depth of knowledge in the security domain. However, beyond his professional pursuits, Mohammed is a multifaceted individual with a diverse range of interests, adding richness to his character and perspective.


In the ever-evolving landscape of containerized applications, ensuring the integrity and security of your container images is paramount. Join us for an immersive, hands-on workshop titled "Hands-On Container Image Security: Mastering Sigstore for Unbreachable Integrity," where we'll dive deep into securing your container images using the cutting-edge open-source tools Cosign and Rekor from the Sigstore project.

This workshop will provide a comprehensive, practical introduction to Sigstore tools, demonstrating how they can be seamlessly integrated into your DevOps workflows. We'll begin with a brief overview of the common security challenges associated with container images and how Sigstore addresses these issues by providing automated and tamper-proof signing and verification processes.

Participants will then engage in hands-on exercises, where they'll:
1. Learn to sign container images and verify their integrity using Cosign. We'll guide you through setting up Cosign, signing your first image, and verifying its signature, ensuring you have a solid understanding of this powerful tool.
2. Delve into using Rekor, Sigstore's transparency log, to record and verify signed image metadata. You'll experience firsthand how Rekor enhances security by providing an immutable log of all signed images, ensuring accountability and traceability.
3. Discover how to seamlessly integrate these tools into your existing DevOps pipelines, automating the signing and verification process, and ensuring that only trusted and verified images make it to production environments.

By the end of this workshop, you'll have gained hands-on experience with Sigstore tools and a deep understanding of how to implement them in your own environment. This session is tailored for DevOps engineers, security professionals, and software developers who are committed to enhancing their container security practices.

Don't miss this unique opportunity to acquire practical knowledge and skills in securing your container images. Join us and learn how to leverage Sigstore's powerful tools to ensure your container images are secure, verified, and trustworthy, safeguarding your applications from potential threats.

Speaker: Ezz Tahoun

Date: 10 Aug

Time: 13:50 - 15:50


Ezz Tahoun, a distinguished cyber-security data scientist, who won AI & innovation awards at Yale, Princeton and Northwestern. He also got innovation awards from Canada’s Communications Security Establishment, Microsoft US, Trustwave US, PIA US, NATO, and more. He ran data science innovation programs and projects for OrangeCyber Defense, Forescout Technologies, Royal bank of Canada, Governments, and Huawei Technologies US. He has published 20 papers, countless articles and 15 open source projects in the domain. When he was 19 years old he started his CS PhD in one of the top 5 labs in the world for cyber & AI, in the prestigious University of Waterloo, where he published numerous papers and became a reviewer for top conferences. His designations include: SANS/GIAC-Advisory-Board, aCCISO, CISM, CRISC, GCIH, GFACT, GSEC, CEH, GCP-Professional-Cloud-Architect, PMP, BENG and MMATH. He was an adjunct professor of cyber defense and warfare at Toronto’s school of management.


Interpret the vast amount of alerts (from different sources) received with a comprehensive, hands-on autonomous attack correlation & false positive detection workshop designed to enhance your proactive defense in the cloud. The workshop aims to demystify the process of identifying coordinated attacks amidst this noise, empowering attendees to improve their efficacy & utilize the cloud cost-effectiveness.

No data science expertise is required. Little cloud & secops expertise is required.

- The session begins with a foundational overview of event analysis challenges and state of the art.
- Participants will learn about the ATT&CK framework, focusing on its Flows, Tactics, & Techniques to standardize threat detection.

AI & Data:
- A deep dive into accessible open-source AI tools will follow, featuring clustering algorithms, natural language processing, & Markov chains.
- Guidance on importing, cleaning, & normalizing data will ensure accuracy in subsequent analyses.
- Participants will have access to a demo environment to apply these tools interactively.

Mapping Alerts:
- Techniques for automated mapping of alerts to ATT&CK will be demonstrated.
- Attendees will engage in mapping exercises using AI.

Clustering Alerts:
- The workshop will cover clustering methods based on temporal, spatial, & technical attributes.
- Participants will engage in clustering sample alerts to form contextualized attack steps.

Correlating Alerts:
- The importance of killchains in cybersecurity will be highlighted, with methods to link attack steps into cohesive killchains.
- Participants are guided in creating & analyzing killchains to identify coordinated attacks.

- Criteria for creating FP Tickets, Incident Tickets, & Attack Story Tickets will be outlined.
- Participants will engage in generating sample tickets, ensuring each type is comprehensive & actionable.

Integrating & QA:
- The session will cover integration into existing SOC setups & automation using scripts & tools.
- Demonstrations will show how to maintain & update the system for continuous improvement, emphasizing cost-effective cloud automation.
- QA, troubleshooting, & further resources.

By the end of this interactive workshop, participants will have experience with AI tools mapping alerts to Techniques, clustering them into contextualized attack steps, & constructing comprehensive killchains to uncover coordinated attacks. Additionally, they will learn to generate actionable tickets for immediate response & long-term improvements in their security posture, all without needing advanced data science knowledge. This session encourages practical application in participants' environments & further exploration of the vast capabilities of open-source AI in cybersecurity, & showcases the power of cloud cost-effectiveness in big data analytics (sagemaker, s3, lambda, etc.).

Speaker: Seth Art

Date: 10 Aug

Time: 16:00 - 18:00

X: @sethsec


Seth Art is a Senior Security Advocate at Datadog. Prior to joining Datadog, Seth created and led the Cloud Penetration Testing practice at Bishop Fox. He is the author of multiple cloud focused open source tools including BadPods, IAMVulnerable, and CloudFoxable, and the co-creator of the popular cloud penetration testing tool, CloudFox.


Whether you are responsible for attacking or defending cloud environments, you want to know how attackers compromise them and what successful post-exploitation looks like in the cloud.

This workshop focuses on learning how attackers typically compromise cloud environments, and what post-exploitation looks like. Each workshop attendee will have access to an AWS account deployed with a collection of intentionally vulnerable cloud resources that represent misconfigurations exploited during real cloud penetration tests.

In most cases, attackers gain initial access to cloud environments in one of three ways: They compromise a vulnerable application or service in the cloud, a misconfigured cloud resource, or a user with access to the cloud. In this workshop we will be attacking an intentionally vulnerable cloud environment with all three types of vulnerabilities.

Each section of the workshop will start with an instructor led introduction followed by hands-on hacking. There is something for everyone, regardless of your offensive skill level. Anyone familiar with Linux commands and the AWS CLI is welcome to attend, and even those who have been in the field for years will find something to challenge them.

Speaker: Harsha Koushik, Anand Tiwari

Date: 09 Aug

Time: 12:30 - 13:00

X: @0xlcheetah, @anandtiwarics


Harsha Koushik is a security engineer and researcher, passionate about securing digital systems. Specializing in Cloud-Native Application Platform Protection (CNAPP), tackling emerging cyber threats while working at large scales. Additionally, Harsha hosts the security podcast 'Kernel-Space,' exploring insightful discussions on the latest trends and issues in cybersecurity.

Anand Tiwari is an information security professional with a strong technical background working as a Product Manager (PM), focusing on the more technical aspects of a cloud security product. He tries to fill it in by doing in-depth technical research and competitive analysis, given business issues, strategy, and a deep understanding of what the product should do and how the products actually work. He has authored ArcherySec—an open source-tool and has presented at BlackHat, DEF CON USA, and HITB conferences. He has successfully given workshops at many conferences such as DevOpsDays Istanbul, Boston.


Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insider threats, lateral movement, and data exfiltration, COBRA enables organizations to gain insights into their security posture vulnerabilities. COBRA is designed to conduct simulated attacks to assess an organization's ability to detect and respond to security threats effectively.

It facilitates Proof of Concept (POC) evaluations, assesses security controls, measures maturity levels, and generates comprehensive reports, enabling organizations to enhance their cloud security resilience through lifelike threat scenarios.

COBRA Features:
Seamless Integration for POC and Tool Evaluation: COBRA provides seamless integration for Proof of Concept (POC) and tool evaluation purposes. Whether you're exploring new cloud-native applications or evaluating existing solutions, COBRA offers a user-friendly interface and flexible deployment options to facilitate effortless testing and assessment.
Comprehensive Assessment of Cloud-Native Security Posture: Gain unparalleled insights into your organization's existing cloud-native security posture with COBRA. Our advanced assessment capabilities enable you to identify vulnerabilities, assess security controls, and pinpoint areas for improvement. By understanding your current security posture, you can proactively address gaps and strengthen your defenses against emerging threats.
Benchmarking Against Industry Standards and Best Practices: COBRA enables you to benchmark your cloud security controls against industry standards and best practices. With our comprehensive benchmarking framework, you can compare your security posture against established benchmarks, identify areas of strength and weakness, and prioritize remediation efforts accordingly.
Actionable Insights and Recommendations: COBRA goes beyond providing insights by providing a report delivering actionable recommendations tailored to your organization's specific needs. Whether it's optimizing security configurations, implementing additional controls, or enhancing incident response processes, COBRA equips you with the tools and guidance needed to bolster your cloud security defenses.

Continuous Threat Simulation: COBRA offers a modular and templatized approach for users to easily integrate additional modules, allowing for continuous threat simulation and adaptability, by providing a flexible framework for adding modules, COBRA ensures that users can tailor their threat simulation capabilities according to evolving security needs, making it an ideal platform for continuous threat simulation.

Speaker: Victor Pasknel

Date: 09 Aug

Time: 15:10 - 15:40

X: @pasknel


Cybersecurity professional with a proven track record of 13 years in executing red-team operations, penetration testing, war games, and vulnerability assessments. Possessing a strong academic background, including a PhD in Applied Informatics from the University of Fortaleza (Brazil) earned in 2022, coupled with over a decade of experience as a university professor specializing in information security.


A CI/CD pipeline is a sequence of steps designed to automate the software delivery process. DevOps environments consist of multiple systems that collaborate to facilitate CI/CD pipelines. However, DevOps systems are significant targets for attackers due to their possession of credentials and access keys for various components, including domain accounts, databases, and cloud assets.
Epyon is a versatile tool for red teamers to target common DevOps systems. It is open source and written entirely in Golang. Moreover, it features multiple modules, such as GitLab, SonarQube, and Azure DevOps.
During this demonstration, I will present examples (based on real project experiences) of how to utilize Epyon for privilege escalation and lateral movement within a DevOps environment.

Speaker: Scott Weston

Date: 10 Aug

Time: 10:00 - 10:30

X: @WebbinRoot


Originally from southern CA, I am currently a senior security consultant for NetSPI based out of Minneapolis, MN. My assessment experience includes web applications, AWS, GCP, and external networks. I spoke about AWS organizations at fwd:cloudsec 2023 with most of the talk summarized in the 2 part blogpost here: I got accepted to speak at fwd:cloudsec 2024 for a new tool I've been making to pentest GCP environments (mirroring Pacu-like structure). In my spare time I like to pursue bug bounties if the opportunity arises, play videogames, assume the role of dungeon master every so often, and just hang out.


When discussing the various cloud providers within the last decade, Google Cloud Platform (GCP) is often seen as the smaller provider following AWS and Azure with regards to market share. While GCP might appear smaller than its rival cloud providers, it still is very much in use today, and with this use comes the opportunities for developing pentesting tools. As I've been learning GCP over the last year, I have been making a framework in python (much like Pacu for AWS) specifically for GCP. This includes enumeration modules for some of the core services (Cloud Storage, Cloud Functions, Cloud Compute, IAM) along with the incorporation of numerous exploit modules, many of them rooted in Rhino Security's currently public GCP exploit repository ( In addition, the framework is built such that it should be easy for a first-time GCP user or beginner to code and develop modules that focus on purely navigating individual resources and easily drop those into the framework. The overall goal is to make an up-to-date, maintained enumeration and exploit toolset for GCP pentesters/red teams/researchers alike that reduces the barrier of entry for learning GCP by allowing average users to make their own modules that easily incorporate with the overall framework.

Speaker: Filipi Pires

Date: 10 Aug

Time: 12:40 - 13:10

X: @FilipiPires


I’ve been working as Security and Threat Researcher and Cybersecurity Advocate at senhasegura, Founder at Black&White Technology, Cybersecurity Advocate, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US, Canada, France, Spain, Germany, Poland, and others, I’ve served as University Professor in Graduation and MBA courses at Brazilian colleges, in addition, I'm Creator and Instructor of the Course - Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers(PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).


During this presentation, we will address the critical importance of permission management in Cloud Native integrations and how an inadequate permissions model can create significant advantages for attackers. We will demonstrate how an attacker can exploit standard permissions to achieve privilege escalation, explain what Choke Points are, and illustrate Attack Paths in practice, showing how an attacker can progress towards success in their objectives. As the ultimate goal of this talk, we will present practical actions to enhance the security of your environment in this context and mitigate these threats.

Speaker: Hubert Lin

Date: 09 Aug

Time: 12:10 - 12:30

X: @hubertwslin


Hubert Lin is an offensive security expert, specializing in remote vulnerability exploitation, honeypots, and penetration testing. He previously led the signature team for network threat defense and was a senior staff engineer on the Red Team at Trend Micro. In his roles, he assessed network intrusion prevention systems and conducted sanctioned red team exercises to enhance corporate security. Hubert holds certifications as a Red Hat Certified Engineer (RHCE) and an Offensive Security Certified Professional (OSCP). Currently, he works at Netskope as a Sr. Staff Researcher.


The Cloud Shell feature from cloud service providers offers a convenient way to access resources within the cloud, significantly improving the user experience for both administrators and developers. However, even though the spawned instance has a short lifespan, granting excessive permissions could still pose security risks to users. This talk reveals an abuse methodology that leverages an unexpected, public-facing port in GCP Cloud Shell discovered during recon. Through manipulation in Linux Netfilter's NAT table, it serves various internally running services such as HTTP, SOCKS, and SSH within the Cloud Shell container to the public. This configuration could be exploited by adversaries to bypass the Google authentication needed in its Web Preview feature to leak data, to deliver malicious content, or to pivot attack traffic through the Google network.

Speaker: Zander Mackie

Date: 09 Aug

Time: 13:00 - 13:25

X: @ZanderMackie


Zander Mackie is a father, husband, security researcher, and developer. He’s worked across the stack as a software engineer, from fixing CSS bugs to writing systems code for container orchestration. He’s driven by a relentless need to figure out how things work and fixing bugs is his favorite.


The Microsoft Azure threat matrix contains a mysterious and almost empty item: AZT508 - Azure Policy, which suggests this service can break bad but gives almost no details as to how. To quote Microsoft: “Azure Policy helps to enforce organizational standards and to assess compliance at-scale.“ How does this banal sounding service come to be used for attacking Azure users?

This talk aims to fill in the picture. We will explore the Azure Policy service and how it can be used for badness: punching holes in acls, creating persistent backdoors on virtual machines, assigning attacker controlled roles to resources, modifying database encryption, etc. I will demo an abuse scenario, and discuss others that can be used for privilege escalation and persistence. I will also discuss a confused deputy attack on this service. Finally, I will share detection and control recommendations.

Talk Outline:
The Azure Policy service (3 mins):
- What it is, how it works, and how it is intended to be used. This service is billed as an integral part of the Azure compliance story. Policies examine resources and can block or alert on non-compliance.
- Introduce the components at play and lay the groundwork for understanding later abuse. -----There are lots of interlocking pieces to understand.
- Introducing policy effects which go far beyond normal auditing scope. Effects are how policies can make changes to resource configuration.

Establishing the abuse case: (7 mins)
- Discussion of evil that can be done with intended functionality including a demo
- Policy adds an arbitrary script to every VM, which runs as soon as it starts up, calling a reverse shell home.
- Policy turns off database encryption
- Policy to assign an RBAC role to attacker controlled account
- What privileges and roles are need for the above

Privesc scenario (7 mins)
- Policy initiatives - these are higher level groupings of policies
- Confused deputy attack via initiative
- The curious case of `append` actions
- Policies can append an attacker IP to every new ACL in your environment
- Adding attacker ssh keys to all VMs

Speaker: Liv Matan

Date: 10 Aug

Time: 11:50 - 12:15

X: @terminatorLM


Liv Matan (@terminatorLM) is a Senior Security Researcher at Tenable, where he specializes in application and web security. He previously worked as a Security Researcher at Ermetic and served in the Israeli Intelligence Corps as a Software Developer.
As a bug bounty hunter, Liv has found several vulnerabilities in popular software platforms, such as Azure, Google Cloud, AWS, Facebook and Gitlab, was recognized by Microsoft as a Most Valuable Researcher, and has presented at conferences such as DEF CON Cloud Village and fwd:cloudsec.
Liv studied computer science at the Weizmann Institute of Science, in Israel. In his free time, he boxes, lifts weights and plays Capture the Flag (CTF).


Cloud providers build their services a little like Jenga towers. They use their core services as the foundation of more popular customer-facing offerings. You may think you’re just creating a GCP cloud function in an empty account. In reality, with one click, you’re creating resources in six different services: a Cloud Build instance, a Storage Bucket, an Artifact Registry or a Container Registry, and possibly a Cloud Run instance and Eventarc triggers. The security of the entire stack is only as strong as the weakest link.

By looking at the entire stack, we can find privilege escalation techniques and even vulnerabilities that are hidden behind the stack. In my research, I was able to find a novel privilege escalation vulnerability and several privilege escalation techniques in GCP.

The talk will showcase a key concept, sometimes not discussed enough: cloud services are built on top of each other, and one click in the console can cause many things to happen behind the scenes. More services mean more risks and a larger attack surface.

The next part will dive deep into the vulnerable GCP cloud functions deployment flow. I will showcase the vulnerability I found in this flow, which enables an attacker to run code as the default Cloud Build service account by exploiting the deployment flow and the flawed trust between services resulting in a large fix and change in GCP IAM and Cloud Functions. This would grant an attacker high privileges to key services such as Storage, Artifact Registry, and Cloud Build.

However, this talk is about more than just a vulnerability. By understanding cross-service dependency, we can reveal a broad attack surface for many possible privilege escalation vectors between services. I will demo a simple tool I wrote to find the hidden APIs that are called by the CSP when performing an action.

By the end of this talk, the audience will learn the dangers of treating cloud services like a black box. The talk explains the hidden deployment flow behind one important stack, and provides the tools to uncover the risks of many more.

Speaker: Brandon Colley

Date: 10 Aug

Time: 12:15 - 12:40

X: @techBrandon


Brandon Colley has over fifteen years of experience administering and securing Active Directory (AD) and Windows environments. Brandon is a Senior Security Consultant for Trimarc specializing in providing reality-based AD and Entra ID security assessments. He served as a systems administrator for multiple organizations before shifting career focus to information security. He has published multiple articles through Quest, Practical 365 and Trimarc Hub. Brandon enjoys speaking engagements and has previously presented at BsidesKC, Hackers Teaching Hackers, and PancakesCon. He co-hosts a weekly podcast, interviewing infosec professionals and has appeared on multiple broadcasts, including the Phillip Wylie Show. Brandon delivers material in a humorous, yet effective manner with a focus on content built for a Blue Team through a Red lens.


Microsoft Entra Conditional Access sits at the forefront of organization's security boundaries. The ever-changing climate of conditional access continues to give administrators more and more security controls. The tradeoff of which is increased complexity when attempting to balance security and productivity. The more policies deployed in a tenant, the greater the chance for misconfigurations that create opportunities for exploitation. Whether you're a cloud administrator, security consultant, or adversary, the goal remains the same: to find the holes in conditional access.

This talk discusses lessons learned from real-life engagements and identifies multiple strategies for evaluating conditional access. Topics and tooling are explored that view conditional access from several different angles. First, understanding PowerShell and Graph API is vital when combing through policies, finding gaps in user, group, role, location, application, or device configuration. Second, simulation of logon criteria and reporting on authentication events helps to understand where policies fall short. Finally, creating a visual representation of each policy is helpful to better see policy details or build executive reports. Each of these provides an important piece of the puzzle when attempting to identify methods to bypass security controls. Audience members should expect to leave with an arsenal of new tools and techniques to continuously monitor conditional access for risk.

Speaker: William Taylor

Date: 11 Aug

Time: 12:20 - 12:40


Security consultant with a background in embedded engineering and DevOps, which has lead to an interest in mobile, Cloud, and Kubernetes security. I used to make things work; now I break things, professionally and ethically.


Engineers can carefully build their networks, designing the traffic flow explicitly through well constructed controls, even following design best practices from the CSP themselves, only to be let down by unexpected subtleties in the exact way certain technologies operate.

In this talk, we will take a look at just such a case study concerning Transit Gateways (TGW) in AWS, where security consultants were able to communicate freely across an apparent network boundary. We will review how TGWs are attached to subnets, and how the documentation implies they should operate. Then we will examine why NACLs appeared to be having no effect on blocking traffic, and allowed an effectively flat network between two peered accounts.

This case study will demonstrate the importance and effectiveness of practical testing, either internally by the developers or with an external reviewer, in confirming – or in many cases quite the opposite – that the operation matches the design aims. It isn’t always easy to find that leak, but if there is a puddle of water on the floor then at least you know you need to start looking for the flaw. This talk will show through the TGW case study and a few other examples how we noticed the puddle, how we found the leak, how it was fixed, and how hopefully the same leak won’t spring twice.

For Previous Talks & Recent Updates