Karl Ots
Karl Ots breaks and secures cloud stuff for a living — and has been doing it since back when ‘cloud security’ meant locking the server room door. By day, he’s Head of Cloud Security at EPAM Systems, wrangling enterprise-scale chaos across industries and continents.
He’s written books (most recently Securing Microsoft Azure OpenAI), dropped a bunch of cloud security courses on LinkedIn Learning, and collected more acronyms than a compliance checklist (RD, MVP, CISSP, CCSP, SABSA SCF — yeah, it’s a problem).
Karl’s no stranger to the stage — he’s spoken at BSides SF, Microsoft Build, T2, Gartner Security & Risk, InfoSec World, and more. If it involves cloud, misconfigs, or weird edge cases, he’s probably got a story.
Session
Think cloud security is all about stopping attackers at the gates? Think again. The biggest threats in the cloud aren’t zero-days or nation-state actors — they’re misconfigurations. Yep, the stuff we set up wrong ourselves.
After digging into the guts of hundreds of Azure-based solutions across industries, I’ve seen the same security faceplants over and over again — and they’re not just rookie mistakes. In this talk, I’ll walk through the most common cloud security pitfalls I’ve found, why they keep happening, and how to actually fix them. Whether you're a red teamer, blue teamer, or somewhere in between, you’ll walk away with practical takeaways and a few war stories from the trenches.