BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsidesluxembourg-2026//talk//NQDVUB
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesluxembourg-2026-NQDVUB@pretalx.com
DTSTART;TZID=CET:20260507T133000
DTEND;TZID=CET:20260507T141000
DESCRIPTION:Cloud misconfigurations still cause saying-it-out-loud 99% of c
 loud security failures\, but in 2026 the mistakes have mutated. Today’s 
 breaches are less “oops\, public bucket” and more over-privileged iden
 tities\, sketchy SaaS integrations\, forgotten test environments\, and dan
 gerously helpful defaults in AI and Kubernetes.\n\nThis talk introduces a 
 modern hierarchy of cloud misconfigurations based on late-2025 and early-2
 026 breach data\, then flips the script from post-incident cleanup to pre-
 deployment prevention using Policy as Code (PaC). Instead of finding probl
 ems after attackers do\, we stop insecure resources from ever being create
 d. We’ll wrap with the Toxic Trilogy\, a practical model for spotting cl
 oud assets that are statistically doomed\, and show how PaC quietly disman
 tles all three conditions before anyone has to open a ticket.
DTSTAMP:20260412T024938Z
LOCATION:Workshops and Stage - Design Space (C1.05.12)
SUMMARY:Cloud Misconfigurations: Poke Poke\, Breach - Kat Fitzgerald
URL:https://pretalx.com/bsidesluxembourg-2026/talk/NQDVUB/
END:VEVENT
END:VCALENDAR