BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsides-exeter-2026//speaker//M7VGZL
BEGIN:VTIMEZONE
TZID:GMT
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:GMT
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:BST
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-exeter-2026-VUZCNS@pretalx.com
DTSTART;TZID=GMT:20260425T153000
DTEND;TZID=GMT:20260425T161000
DESCRIPTION:Cloud and container security feels like a scattered puzzle: dev
 elopment standards\, CI/CD pipelines\, guardrails\, runtime security\, log
 ging\, monitoring\, and assurance. Together they form a resilient system\,
  but most teams run them as independent silos\, and that gap is exactly wh
 ere attackers operate. This talk assembles those pieces by showing their c
 ritical connections\, the misconceptions that leave them exposed\, and the
  pitfalls that trip teams up at each stage.\nStart with a question most de
 velopers get wrong: are containers isolated? They are not. Every container
  shares the same kernel\, and that single misconception underpins a whole 
 class of attacks that application-layer tooling cannot see. From there\, t
 he puzzle builds outward. CI/CD pipelines enforce automated checks\, but s
 igning does not mean secure. The 3CX attack produced validly signed malwar
 e that passed every test\, and 83% of organisations still do not verify si
 gnatures. Guardrails maintain compliance\, but 65% of clusters run flat ne
 tworks\, making lateral movement trivial once anything is compromised. Run
 time security addresses the threats that static analysis is blind to entir
 ely. Assurance binds it together\, not as a GRC exercise\, but as a crypto
 graphic chain from commit to runtime that gives defenders something they c
 an actually prove.\nWith 82% of cloud breaches stemming from misconfigurat
 ion across a surface of 15.6 million cloud-native developers\, the problem
  is not a shortage of tools. It is fragmented defences that do not reinfor
 ce each other. The talk closes by connecting the framework to blue team op
 erations: mapping each control layer to realistic SIEM ingestion\, showing
  how those signals connect to threat intelligence\, and working through th
 e operational questions around log preservation\, forensic readiness\, and
  account access that defenders need answered before an incident rather tha
 n during one. A cheat sheet maps every component to detection opportunitie
 s and three actions attendees can take the following morning.\nIf you work
  in detection\, response\, or securing cloud infrastructure\, this talk gi
 ves you the framework\, the attack chains\, and the operational questions 
 to take back to your team.
DTSTAMP:20260501T070548Z
LOCATION:Seminar Room 1
SUMMARY:Cloud & Containers: The Security Puzzle That Locks Tight\, From Pip
 eline and Package to SOC Operations - Ashley Barker
URL:https://pretalx.com/bsides-exeter-2026/talk/VUZCNS/
END:VEVENT
END:VCALENDAR