Best Talks at fwd:cloudsec Europe 2025
Hand-picked from in-depth reviewer verdicts. View all talks at fwd:cloudsec Europe 2025 →
- 1. The Cloud is a Spider Web: But with Broken Threads — Nitesh Surana, Nelson William Gamazo Sanchez
Nitesh Surana and Nelson William Gamazo Sanchez, cloud threat researchers at Trend Micro, presented a sweeping investigation into two classes of cloud security vulnerabilities: **overly permissive cloud credentials embedded in URL…
- 2. Lurking in the (documentation) shadows: Why We Built the AWS Security Changes Project — Liad Eliyahu
Liad Eliyahu, head of research at **Miggo Security**, presented the story behind the **AWS Security Changes** project — an automated system that monitors all AWS documentation for security-relevant modifications, classifies them using a…
- 3. A Candid Perspective on the Cloud Threat Landscape: What’s Real, What’s Not, and What Should Change — Curtis Hanson
Curtis Hanson, Managing Partner at **Invictus Incident Response** and a threat intelligence professional with over 10 years of experience, presented a first-of-its-kind **cloud-specific threat landscape** for 2025. Compiled exclusively…
- 4. SyncJacked - Hijacking Identities Through Entra Connect Synchronization — Tomer Nahum
Tomer Nahum, a security researcher at Semperis, presented two identity takeover vulnerabilities in **Microsoft Entra Connect** — the synchronization engine that bridges on-premises Active Directory with Entra ID (formerly Azure AD). The…
- 5. Permission Impossible: Hidden Dangers of Azure RBAC and API Vulnerabilities — Ariel Simon
Ariel Simon, a security researcher at Token Security, presented a two-part discovery in Azure's permission model that chains overprivileged built-in roles with an API vulnerability to achieve a novel attack: escalating from a weak cloud…
- 6. Pods Without Borders: Lateral Movement in Azure Kubernetes Service — Nishaanth Guna
Nishaanth Guna, a senior security consultant at **MDSec**, presented a series of real-world attack scenarios drawn from assumed-breach assessments against large-scale **Azure Kubernetes Service (AKS)** environments across banking…
- 7. Sweet Deception: Mastering AWS Honey Tokens to Detect and Outsmart Attackers — Nick Frichette
Nick Frichette, a security researcher at Datadog, delivered a technically deep examination of **AWS access key honey tokens** — their implementation mechanisms, detection capabilities, known weaknesses, and strategies for building a more…
- 8. Confidence Predicts Accuracy and Other Lies About Cloud Security — Kat Traxler
Kat Traxler, a Principal Security Researcher at **Vectra AI** with a background in offensive cloud research across Google Cloud and AWS, delivered a provocative keynote arguing that the cloud security industry's fixation on posture…
- 9. Ransomware protection with immutable AWS Backup - it's complicated ... — Paul Schwarzenberger, Kurtis Mash
Paul Schwarzenberger and Kurtis Mash presented the National Archives UK's journey to implement a centralized, immutable **AWS Backup** solution to protect their digital archives — which include records ranging from the Doomsday Book to…