Best Talks at fwd:cloudsec North America 2025
Hand-picked from in-depth reviewer verdicts.
- 1. whoAMI: Discovering and exploiting a large-scale AMI name confusion attack — Seth Art
Seth Art, a security researcher at Datadog with 15 years of penetration testing experience, presents a comprehensive examination of the **whoAMI** attack, a name confusion vulnerability affecting **Amazon Machine Images (AMIs)** in AWS…
- 2. Trust Issues: What Do All these JSON files actually mean? — David Kerber
David Kerber, an AWS consultant and self-described IAM obsessive, presented a suite of open-source tools he built to solve what he calls the fundamental problem of cloud security: **AWS IAM is the most important security control and…
- 3. ECS-cape – Hijacking IAM Privileges in Amazon ECS — Naor Haziz
Naor Haziz, a software developer and security researcher at Sweet Security, presented a vulnerability he discovered in **Amazon ECS** (Elastic Container Service) that allows any container running on an EC2 instance to hijack the IAM role…
- 4. The Good, the Bad, and the Ugly: Hacking 3 CSPs with 1 Vulnerability — Hillai Ben-Sasson, Andres Riancho
Andres Riancho and Hillai Ben-Sasson, security researchers at Wiz, presented research demonstrating how a single critical container escape vulnerability in **NVIDIA Container Toolkit** was used to compromise more than 10 different cloud…
- 5. Breaking AI Agents: Exploiting Managed Prompt Templates to Take Over Amazon Bedrock Agents — Jay Chen, Royce Lu
Jay Chen, a security researcher at **Palo Alto Networks**, presented original attack research against **Amazon Bedrock Agents**, demonstrating a three-stage attack methodology -- reconnaissance, exploitation, and installation -- that…
- 6. The Good, The Bad, and The Vulnerable: Breaking Down GCP Tenant Projects — Ofir Balassiano, Ofir Shaty
Ofir Balassiano and Ofir Shaty, security researchers at **Palo Alto Networks**, present a deep investigation into **GCP tenant projects** -- hidden, Google-managed projects that are provisioned behind the scenes when customers use managed…
- 7. Defenders hate it! Compromise vulnerable SaaS applications with this one weird trick — Eric Woodruff
Eric Woodruff, Chief Identity Architect at Semperis, presents a deep investigation into **nOAuth** -- a two-year-old vulnerability class in applications using **OpenID Connect (OIDC)** with Microsoft Entra ID that remains actively…
- 8. When Your Partner Betrays You - Trusted Relationship Compromise In The Cloud — Sebastian Walla
Sebastian Walla, a cloud threat intelligence analyst at CrowdStrike, presented two real-world case studies of **trusted relationship compromises** in Azure, both conducted by the China-nexus threat actor **Murky Panda** (tracked by…
- 9. The False Sense of Security: Defense Becoming a Vulnerability — Nathan Eades
Nathan Eades delivered a sharp critique of how **Privileged Identity Management (PIM)** and **Just-In-Time (JIT) access** in Microsoft Entra ID have created a false sense of security that often undermines the very least-privilege goals…
- 10. What would you ask a crystal ball for AWS IAM? — Nick Siow
Nick Siow from Netflix's cloud security team presented the journey from a failed enterprise metrics initiative to the creation of **Yams**, a newly open-sourced IAM simulation engine designed to answer the questions that existing tools…
- 11. Detecting the Undetectable: Threat Hunting in Appliance Environments — Sagi Tzadik, Shahar Dorfman
Sagi Tzadik and Shahar Dorfman, security researchers at **Wiz**, present a methodology for hunting sophisticated malware in **virtual appliance environments** in the cloud. Virtual appliances -- products like Ivanti, Palo Alto PAN-OS…
- 12. Rebuilding ROADRecon for the Modern Entra Environment — Thomas Byrne
Thomas Byrne, a security consultant at Reverse, presents the work required to rebuild **ROADRecon** -- a widely used Python tool for enumerating Microsoft Entra ID (formerly Azure AD) tenants -- in response to the deprecation and imminent…