├── .gitignore ├── Closing-Conference-wrap-up └── summary.md ├── Introduction └── summary.md ├── README.md ├── ai-ml-security ├── Breaking-AI-Agents-Exploiting-Managed-Prompt-Templates-to-Take-Over-Amazon-Bedrock-Agents │ └── summary.md ├── Bypassing-AI-Security-Controls-with-Prompt-Formatting │ └── summary.md ├── Challenges-around-AI-as-a-Service-logging │ └── summary.md ├── Double-Agents-Exposing-Hidden-Threats-in-AI-Agent-Platforms │ └── summary.md ├── Farewell-False-Positives-Building-Trustworthy-AI-for-IaC-Analysis │ └── summary.md ├── Inside-Microsofts-Battle-Against-Cloud-Enabled-Deepfake-Threats │ └── summary.md └── Taming-LLMs-to-Detect-Anomalies-in-Cloud-Audit-Logs │ └── summary.md ├── attack-techniques-vulnerabilities ├── Defenders-hate-it-Compromise-vulnerable-SaaS-applications-with-this-one-weird-trick │ └── summary.md ├── The-Good-the-Bad-and-the-Ugly-Hacking-3-CSPs-with-1-Vulnerability │ └── summary.md └── whoAMI-Discovering-and-exploiting-a-large-scale-AMI-name-confusion-attack │ └── summary.md ├── cloud-infrastructure-architecture ├── Beyond-the-Big-Three-Mastering-Oracle-Cloud-Security-in-a-Multi-Cloud-World │ └── summary.md ├── Challenges-implementing-egress-controls-in-a-large-AWS-environment │ └── summary.md ├── Data-Perimeter-Implementation-Strategies-Lessons-Learned-Rolling-Out-SCPs-RCPs │ └── summary.md ├── I-Didnt-Register-for-This-Whats-Really-in-Googles-Artifact-Registry │ └── summary.md ├── Introducing-GRC-Engineering-A-New-Era-of-AWS-Compliance │ └── summary.md ├── Inviter-Threat-Managing-Security-in-a-new-Cloud-Deployment-Model │ └── summary.md ├── Keeping-your-cloud-environments-secure-during-a-merger-or-acquisition │ └── summary.md ├── Logs-dont-mean-a-thing-Unraveling-IaC-Managed-Identity-Ownership │ └── summary.md ├── Securing-organizations-ML-and-LLMops-deployments-A-platform-architects-journey-onboarding-LLM │ └── summary.md ├── Shared-GPU-Security-Learnings-from-Fly.io │ └── summary.md ├── The-Good-The-Bad-and-The-Vulnerable-Breaking-Down-GCP-Tenant-Projects │ └── summary.md ├── This-Wasnt-in-the-Job-Description-Building-a-production-ready-AWS-environment-from-scratch │ └── summary.md └── You-Are-Not-Netflix-How-to-learn-from-conference-talks │ └── summary.md ├── identity-access-management ├── ECS-cape-Hijacking-IAM-Privileges-in-Amazon-ECS │ └── summary.md ├── Happy-Little-Clouds-Painting-Pictures-with-Microsoft-Cloud-and-Identity-Data │ └── summary.md ├── I-SPy-Rethinking-Entra-ID-research-for-new-paths-to-Global-Admin │ └── summary.md ├── IAM-Roles-Anywhere-now-for-everyone-with-Lets-Encrypt │ └── summary.md ├── No-IP-No-Problem-Exfiltrating-Data-Behind-IAP │ └── summary.md ├── Not-So-Secret-The-Hidden-Risks-of-GitHub-Actions-Secrets │ └── summary.md ├── Putting-Workload-Identity-to-Work-Taking-SPIFFE-past-day-0 │ └── summary.md ├── Rebuilding-ROADRecon-for-the-Modern-Entra-Environment │ └── summary.md ├── Securing-Remote-MCP-Servers │ └── summary.md ├── Staying-Sneaky-in-the-Office-365 │ └── summary.md ├── The-Duplicitous-Nature-of-AWS-Identity-and-Access-Management-IAM │ └── summary.md ├── The-False-Sense-of-Security-Defense-Becoming-a-Vulnerability │ └── summary.md ├── Trust-Issues-What-Do-All-these-JSON-files-actually-mean │ └── summary.md ├── What-would-you-ask-a-crystal-ball-for-AWS-IAM │ └── summary.md └── When-Your-Partner-Betrays-You-Trusted-Relationship-Compromise-In-The-Cloud │ └── summary.md └── threat-hunting-detection ├── Detecting-the-Undetectable-Threat-Hunting-in-Appliance-Environments └── summary.md ├── Patience-brings-prey-lessons-learned-from-a-year-of-threat-hunting-in-the-cloud └── summary.md └── What-Do-You-Mean-Resource-Not-Found-Demystifying-GCP-Error-Codes-for-IR-and-Detections └── summary.md /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/.gitignore -------------------------------------------------------------------------------- /Closing-Conference-wrap-up/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/Closing-Conference-wrap-up/summary.md -------------------------------------------------------------------------------- /Introduction/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/Introduction/summary.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/README.md -------------------------------------------------------------------------------- /ai-ml-security/Breaking-AI-Agents-Exploiting-Managed-Prompt-Templates-to-Take-Over-Amazon-Bedrock-Agents/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/ai-ml-security/Breaking-AI-Agents-Exploiting-Managed-Prompt-Templates-to-Take-Over-Amazon-Bedrock-Agents/summary.md -------------------------------------------------------------------------------- /ai-ml-security/Bypassing-AI-Security-Controls-with-Prompt-Formatting/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/ai-ml-security/Bypassing-AI-Security-Controls-with-Prompt-Formatting/summary.md -------------------------------------------------------------------------------- /ai-ml-security/Challenges-around-AI-as-a-Service-logging/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/ai-ml-security/Challenges-around-AI-as-a-Service-logging/summary.md -------------------------------------------------------------------------------- /ai-ml-security/Double-Agents-Exposing-Hidden-Threats-in-AI-Agent-Platforms/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/ai-ml-security/Double-Agents-Exposing-Hidden-Threats-in-AI-Agent-Platforms/summary.md -------------------------------------------------------------------------------- /ai-ml-security/Farewell-False-Positives-Building-Trustworthy-AI-for-IaC-Analysis/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/ai-ml-security/Farewell-False-Positives-Building-Trustworthy-AI-for-IaC-Analysis/summary.md -------------------------------------------------------------------------------- /ai-ml-security/Inside-Microsofts-Battle-Against-Cloud-Enabled-Deepfake-Threats/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/ai-ml-security/Inside-Microsofts-Battle-Against-Cloud-Enabled-Deepfake-Threats/summary.md -------------------------------------------------------------------------------- /ai-ml-security/Taming-LLMs-to-Detect-Anomalies-in-Cloud-Audit-Logs/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/ai-ml-security/Taming-LLMs-to-Detect-Anomalies-in-Cloud-Audit-Logs/summary.md -------------------------------------------------------------------------------- /attack-techniques-vulnerabilities/Defenders-hate-it-Compromise-vulnerable-SaaS-applications-with-this-one-weird-trick/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/attack-techniques-vulnerabilities/Defenders-hate-it-Compromise-vulnerable-SaaS-applications-with-this-one-weird-trick/summary.md -------------------------------------------------------------------------------- /attack-techniques-vulnerabilities/The-Good-the-Bad-and-the-Ugly-Hacking-3-CSPs-with-1-Vulnerability/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/attack-techniques-vulnerabilities/The-Good-the-Bad-and-the-Ugly-Hacking-3-CSPs-with-1-Vulnerability/summary.md -------------------------------------------------------------------------------- /attack-techniques-vulnerabilities/whoAMI-Discovering-and-exploiting-a-large-scale-AMI-name-confusion-attack/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/attack-techniques-vulnerabilities/whoAMI-Discovering-and-exploiting-a-large-scale-AMI-name-confusion-attack/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Beyond-the-Big-Three-Mastering-Oracle-Cloud-Security-in-a-Multi-Cloud-World/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Beyond-the-Big-Three-Mastering-Oracle-Cloud-Security-in-a-Multi-Cloud-World/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Challenges-implementing-egress-controls-in-a-large-AWS-environment/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Challenges-implementing-egress-controls-in-a-large-AWS-environment/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Data-Perimeter-Implementation-Strategies-Lessons-Learned-Rolling-Out-SCPs-RCPs/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Data-Perimeter-Implementation-Strategies-Lessons-Learned-Rolling-Out-SCPs-RCPs/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/I-Didnt-Register-for-This-Whats-Really-in-Googles-Artifact-Registry/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/I-Didnt-Register-for-This-Whats-Really-in-Googles-Artifact-Registry/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Introducing-GRC-Engineering-A-New-Era-of-AWS-Compliance/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Introducing-GRC-Engineering-A-New-Era-of-AWS-Compliance/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Inviter-Threat-Managing-Security-in-a-new-Cloud-Deployment-Model/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Inviter-Threat-Managing-Security-in-a-new-Cloud-Deployment-Model/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Keeping-your-cloud-environments-secure-during-a-merger-or-acquisition/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Keeping-your-cloud-environments-secure-during-a-merger-or-acquisition/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Logs-dont-mean-a-thing-Unraveling-IaC-Managed-Identity-Ownership/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Logs-dont-mean-a-thing-Unraveling-IaC-Managed-Identity-Ownership/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Securing-organizations-ML-and-LLMops-deployments-A-platform-architects-journey-onboarding-LLM/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Securing-organizations-ML-and-LLMops-deployments-A-platform-architects-journey-onboarding-LLM/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/Shared-GPU-Security-Learnings-from-Fly.io/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/Shared-GPU-Security-Learnings-from-Fly.io/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/The-Good-The-Bad-and-The-Vulnerable-Breaking-Down-GCP-Tenant-Projects/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/The-Good-The-Bad-and-The-Vulnerable-Breaking-Down-GCP-Tenant-Projects/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/This-Wasnt-in-the-Job-Description-Building-a-production-ready-AWS-environment-from-scratch/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/This-Wasnt-in-the-Job-Description-Building-a-production-ready-AWS-environment-from-scratch/summary.md -------------------------------------------------------------------------------- /cloud-infrastructure-architecture/You-Are-Not-Netflix-How-to-learn-from-conference-talks/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/cloud-infrastructure-architecture/You-Are-Not-Netflix-How-to-learn-from-conference-talks/summary.md -------------------------------------------------------------------------------- /identity-access-management/ECS-cape-Hijacking-IAM-Privileges-in-Amazon-ECS/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/ECS-cape-Hijacking-IAM-Privileges-in-Amazon-ECS/summary.md -------------------------------------------------------------------------------- /identity-access-management/Happy-Little-Clouds-Painting-Pictures-with-Microsoft-Cloud-and-Identity-Data/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/Happy-Little-Clouds-Painting-Pictures-with-Microsoft-Cloud-and-Identity-Data/summary.md -------------------------------------------------------------------------------- /identity-access-management/I-SPy-Rethinking-Entra-ID-research-for-new-paths-to-Global-Admin/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/I-SPy-Rethinking-Entra-ID-research-for-new-paths-to-Global-Admin/summary.md -------------------------------------------------------------------------------- /identity-access-management/IAM-Roles-Anywhere-now-for-everyone-with-Lets-Encrypt/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/IAM-Roles-Anywhere-now-for-everyone-with-Lets-Encrypt/summary.md -------------------------------------------------------------------------------- /identity-access-management/No-IP-No-Problem-Exfiltrating-Data-Behind-IAP/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/No-IP-No-Problem-Exfiltrating-Data-Behind-IAP/summary.md -------------------------------------------------------------------------------- /identity-access-management/Not-So-Secret-The-Hidden-Risks-of-GitHub-Actions-Secrets/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/Not-So-Secret-The-Hidden-Risks-of-GitHub-Actions-Secrets/summary.md -------------------------------------------------------------------------------- /identity-access-management/Putting-Workload-Identity-to-Work-Taking-SPIFFE-past-day-0/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/Putting-Workload-Identity-to-Work-Taking-SPIFFE-past-day-0/summary.md -------------------------------------------------------------------------------- /identity-access-management/Rebuilding-ROADRecon-for-the-Modern-Entra-Environment/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/Rebuilding-ROADRecon-for-the-Modern-Entra-Environment/summary.md -------------------------------------------------------------------------------- /identity-access-management/Securing-Remote-MCP-Servers/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/Securing-Remote-MCP-Servers/summary.md -------------------------------------------------------------------------------- /identity-access-management/Staying-Sneaky-in-the-Office-365/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/Staying-Sneaky-in-the-Office-365/summary.md -------------------------------------------------------------------------------- /identity-access-management/The-Duplicitous-Nature-of-AWS-Identity-and-Access-Management-IAM/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/The-Duplicitous-Nature-of-AWS-Identity-and-Access-Management-IAM/summary.md -------------------------------------------------------------------------------- /identity-access-management/The-False-Sense-of-Security-Defense-Becoming-a-Vulnerability/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/The-False-Sense-of-Security-Defense-Becoming-a-Vulnerability/summary.md -------------------------------------------------------------------------------- /identity-access-management/Trust-Issues-What-Do-All-these-JSON-files-actually-mean/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/Trust-Issues-What-Do-All-these-JSON-files-actually-mean/summary.md -------------------------------------------------------------------------------- /identity-access-management/What-would-you-ask-a-crystal-ball-for-AWS-IAM/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/What-would-you-ask-a-crystal-ball-for-AWS-IAM/summary.md -------------------------------------------------------------------------------- /identity-access-management/When-Your-Partner-Betrays-You-Trusted-Relationship-Compromise-In-The-Cloud/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/identity-access-management/When-Your-Partner-Betrays-You-Trusted-Relationship-Compromise-In-The-Cloud/summary.md -------------------------------------------------------------------------------- /threat-hunting-detection/Detecting-the-Undetectable-Threat-Hunting-in-Appliance-Environments/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/threat-hunting-detection/Detecting-the-Undetectable-Threat-Hunting-in-Appliance-Environments/summary.md -------------------------------------------------------------------------------- /threat-hunting-detection/Patience-brings-prey-lessons-learned-from-a-year-of-threat-hunting-in-the-cloud/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/threat-hunting-detection/Patience-brings-prey-lessons-learned-from-a-year-of-threat-hunting-in-the-cloud/summary.md -------------------------------------------------------------------------------- /threat-hunting-detection/What-Do-You-Mean-Resource-Not-Found-Demystifying-GCP-Error-Codes-for-IR-and-Detections/summary.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Cybr-Inc/fwdcloudsec-2025-summaries/HEAD/threat-hunting-detection/What-Do-You-Mean-Resource-Not-Found-Demystifying-GCP-Error-Codes-for-IR-and-Detections/summary.md --------------------------------------------------------------------------------