fwd:cloudsec
fwd:cloudsec
Podcast Description
fwd:cloudsec is a non-profit conference on cloud security. At this conference you can expect discussions about all the major cloud platforms, both attack and defense research, limitations of security features, the pros and cons of different security strategies, and generally the types of things cloud practitioners want to know, but that don't fit neatly into a vendor conference schedule.
Podcast Insights
Content Themes
The conference covers a range of critical cloud security topics, including management of identity and access, vulnerability research, compliance strategies, and mitigation techniques. Examples of focused discussions include deep dives into vulnerabilities like nOAuth, ways to improve GRC Engineering in AWS, and practical advice on leveraging Microsoft cloud tools for effective threat detection.
fwd:cloudsec is a non-profit conference on cloud security. At this conference you can expect discussions about all the major cloud platforms, both attack and defense research, limitations of security features, the pros and cons of different security strategies, and generally the types of things cloud practitioners want to know, but that don’t fit neatly into a vendor conference schedule.
Speaker: Dan Gansel
Dan Gansel is a cloud security specialist with deep expertise in cloud API research, secure cloud solutions and architecture design. Dan has led cloud security research teams and has a track record of uncovering novel attack techniques in cloud environments.
As a Security Researcher at Upwind Security, Dan continues to push the boundaries of cloud security, focusing on uncovering blind spots in the services organizations trust the most.
Talk:
The Data perimeter is the gold standard for cloud-native security boundary in AWS. It combines all available preventive security tools and guardrails.
In this talk you will learn about a novel attack technique that exploits AWS Bedrock AgentCore’s identity service to establish a fully functional command and control channel (C2) capable of bypassing data perimeter controls – all while using legitimate capabilities. We will demonstrate how an attacker can use two covert channels hidden in plain sight: data exfiltration and unauthenticated data infiltration.
We will demo the complete C2 channel operating end to end – an attacker establishing persistence, issuing commands and exfiltrating sensitive data from an S3 bucket containing user records, all within an enforced data perimeter.
We will also walk through CloudTrail signals which will enable defenders to detect this activity and discuss why new AI services demand security assessment before adoption.
Recorded at fwd:cloudsec North America 2026 – Bellevue, WA
https://fwdcloudsec.org/conference/north-america/
Disclaimer
This podcast’s information is provided for general reference and was obtained from publicly accessible sources. The Podcast Collaborative neither produces nor verifies the content, accuracy, or suitability of this podcast. Views and opinions belong solely to the podcast creators and guests.
For a complete disclaimer, please see our Full Disclaimer on the archive page. The Podcast Collaborative bears no responsibility for the podcast’s themes, language, or overall content. Listener discretion is advised. Read our Terms of Use and Privacy Policy for more details.