A Cloud Security Guide to Hacker Summer Camp 2022

August 11, 2022

There are too many great talks at Hacker Summer Camp to pick from, and as much as we would all like to watch every one of them, we each have topics we are passionate about. For us, you guessed it, it's the cloud security ones.

This list is not complete. We have tried to keep it to cloud security talks only, otherwise it would get rather long, and we will keep adding to it as you tell us which ones we shouldn't miss and which ones you loved.

In no particular order….

Black Hat USA – Cloud Security Practitioners Briefings

Black Hat bundles Cloud & Platform Security together (possibly because neither topic draws many talks on its own, given that cloud security research as a field is only a few years old). Overall there were not many cloud-related talks: 3 directly about cloud and 8 touching on it indirectly. The main takeaways we noted from them:

  • Beware of non-human identities.
  • Some CSP defaults are an attacker's best friend.
  • Logging is important and better than it has been, but it has limits which we must be aware of and should contextualise; good logging also lets you build tighter permissions from what was actually used.
  • A shared list of AWS IAM tooling.

Those in adjacent spaces (supply chain, containers, serverless, AppSec, etc.) would appreciate the following talks too:

Defcon

Taking a Dump In The Cloud – Melvin “Flangvik” Langvik

Cloud Village – clearly calls out to us 

But there are some great cloud security talks happening at other villages too (and maybe ones we don't know about yet, so let us know).

BSides Las Vegas

  • A Tale of Two Malware Families – Overcoming Anti-Forensics and Foiling Botnets in the Cloud – Matt Muir – spoke about how attacks are increasing in both severity and sophistication, and it seems defenders haven't adapted at the same pace. Adversary groups possess an increased awareness of incident response techniques and cloud security mechanisms, which they leverage in attacks. The talk covered two cloud-focused malware campaigns in which the attackers evaded detection and foiled attribution with sophisticated methods.
  • Climbing the Production Mountain: Practical CI/CD Attacks Using CI/CD Goat – Omer Gil, Asaf Greenholts
  • CICD security: A new eldorado (talk) – Remi Escourrou, Xavier Gerondeau, Gauthier Sebaux – spoke about the rise of attacks targeting CI/CD environments: the CI/CD pipeline is becoming part of standard infrastructure and, with the increased adoption of infrastructure as code, it is also becoming an attack surface for supply chain attacks.
  • Adding DAST to CI/CD, Without Losing Any Friends  – Tanya Janca, Akira Brand
  • Code Dependency: Chinese APTs in Software Supply Chain Attacks – Cheryl Biswas – You cannot talk about supply chain security without mentioning open source dependencies, third-party code, open source libraries and shared repositories. The talk nodded to this and drew attention to the fact that, while Russian APTs have garnered much attention, Chinese APTs have been behind more attacks than people may realise, targeting the technology sector for economic espionage and intellectual property theft.
  • How to Win Over Executives and Hack the Board – Alyssa Miller
  • Lessons Learned from the CISA COVID Task Force & Healthcare Attacks – Kendra L Martin, Michelle Holko
  • Prowler Open Source Cloud Security: A Deep Dive Workshop – Toni De la Fuente, Sergio Garcia
  • Speeding Up AWS IAM Least Privileges with Cloudsplaining, Elastic Stack & AWS Access Analyzer – Rodrigo Montoro
  • Understanding, Abusing and Monitoring AWS AppStream 2.0 – Rodrigo Montoro – spoke about how, in the cloud security world, access keys are the new perimeter and permissions define the limits of that perimeter. IAM with least privilege defines the security posture of an AWS account, and one tool that helps with this is Cloudsplaining.
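To make the least-privilege point concrete (the "logging lets you build better permissions" takeaway from the Black Hat briefings and Rodrigo Montoro's Cloudsplaining / Access Analyzer talk above), here is an added example that is not code from any of the talks or tools named on this page. It takes a few CloudTrail records for one role, flags the wildcard grants in the role's current policy, and emits a narrowed policy containing only the actions and resources the log shows were actually used. The log records, the broad policy, the account ID and bucket names are all constructed; the `EVENT_TO_ACTION` mapping and the `generalize_arn` heuristic are simplifying assumptions of this example, not AWS-provided tables.

```python
"""Derive a narrower IAM policy from observed CloudTrail activity.

Added example (not code from any of the talks or tools named on this page).
It compares what a role was granted by a broad policy with what it actually
called according to CloudTrail, flags wildcard grants, and emits a policy
containing only the actions and resources seen in the log.
"""
import fnmatch
import json
from collections import defaultdict

# Constructed CloudTrail records for one role (assumption: the log has already
# been filtered to that principal). Not real data.
SAMPLE_EVENTS = [
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "resources": [{"ARN": "arn:aws:s3:::app-assets/config.json"}]},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "resources": [{"ARN": "arn:aws:s3:::app-assets/logo.png"}]},
    {"eventSource": "s3.amazonaws.com", "eventName": "ListObjects",
     "resources": [{"ARN": "arn:aws:s3:::app-assets"}]},
    {"eventSource": "sqs.amazonaws.com", "eventName": "ReceiveMessage",
     "resources": [{"ARN": "arn:aws:sqs:us-east-1:123456789012:jobs"}]},
    # A denied call: attempted, but the role must not gain it from the log.
    {"eventSource": "iam.amazonaws.com", "eventName": "CreateUser",
     "errorCode": "AccessDenied"},
    {"eventSource": "sts.amazonaws.com", "eventName": "GetCallerIdentity"},
]

# The overly broad policy the role currently carries (constructed).
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "sqs:*"], "Resource": "*"},
        {"Effect": "Allow", "Action": "sts:GetCallerIdentity", "Resource": "*"},
    ],
}

# CloudTrail eventName is not always the IAM action name. This map covers the
# cases used here only (assumption); a real tool needs the full service mapping.
EVENT_TO_ACTION = {
    ("s3", "ListObjects"): "s3:ListBucket",
    ("s3", "ListObjectsV2"): "s3:ListBucket",
}


def iam_action(event):
    """Map a CloudTrail record to an IAM action string like 's3:GetObject'."""
    service = event["eventSource"].split(".")[0]
    return EVENT_TO_ACTION.get((service, event["eventName"]),
                               f"{service}:{event['eventName']}")


def used_actions(events):
    """Return ({action: set of ARNs} for successful calls, set of denied actions)."""
    used, denied = defaultdict(set), set()
    for event in events:
        action = iam_action(event)
        if event.get("errorCode"):          # failed calls are not evidence of need
            denied.add(action)
            continue
        arns = {r["ARN"] for r in event.get("resources", [])} or {"*"}
        used[action] |= arns
    return dict(used), denied


def generalize_arn(arn):
    """Collapse S3 object ARNs to bucket/* so the policy survives new object keys."""
    if arn.startswith("arn:aws:s3:::") and "/" in arn:
        return arn.split("/", 1)[0] + "/*"
    return arn


def allowed_patterns(policy):
    """All action patterns granted by Allow statements in an IAM policy document."""
    patterns = []
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        actions = stmt["Action"]
        patterns.extend([actions] if isinstance(actions, str) else actions)
    return patterns


def wildcard_grants(policy):
    """Action patterns containing '*', the first thing to tighten."""
    return sorted(p for p in allowed_patterns(policy) if "*" in p)


def is_covered(policy, action):
    """True if any Allow pattern matches the action (IAM matching is case-insensitive)."""
    return any(fnmatch.fnmatchcase(action.lower(), p.lower())
               for p in allowed_patterns(policy))


def minimal_policy(used):
    """One Allow statement per service, listing only observed actions and resources."""
    by_service = defaultdict(lambda: {"actions": set(), "resources": set()})
    for action, arns in used.items():
        entry = by_service[action.split(":")[0]]
        entry["actions"].add(action)
        entry["resources"] |= {generalize_arn(a) for a in arns}
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": sorted(v["actions"]),
             "Resource": sorted(v["resources"])}
            for _, v in sorted(by_service.items())
        ],
    }


if __name__ == "__main__":
    used, denied = used_actions(SAMPLE_EVENTS)
    print("wildcard grants to tighten:", wildcard_grants(BROAD_POLICY))
    print("attempted but denied (keep it that way):", sorted(denied))
    print(json.dumps(minimal_policy(used), indent=2))
```

Run it and the `s3:*`/`sqs:*` grants are reported as the first things to tighten, while the generated policy allows only `s3:GetObject` and `s3:ListBucket` on the one bucket, `sqs:ReceiveMessage` on the one queue, and `sts:GetCallerIdentity`; the denied `iam:CreateUser` attempt never makes it in. This is exactly where the logging caveat bites: S3 object-level calls only appear if data events are enabled on the trail, a short log window misses rarely exercised paths, and several event names differ from the IAM action they require, so treat the output as a starting point to confirm against Access Analyzer or Cloudsplaining findings rather than something to deploy blind.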
