Aaron helped with the first fwd:cloudsec and has served in multiple roles to bring the conference and community to life. In his day job, he leads security & platform at a health-tech company.

Aled is an experienced security professional focusing primarily on cloud security research, having worked with Microsoft Cloud services for 9+ years. Since establishing Dolphin Labs in 2024, his primary focuses have been exploring nuanced and novel security issues in Microsoft cloud services, developing security tooling, and sharing knowledge and learnings with the wider security community.

Alessandro is a Sr. Threat Research Engineer at Sysdig with a background in penetration testing of web and mobile applications. His research includes cloud and container security, with a specific focus on supply chain attacks and cloud platform exploitation. While studying computer science and engineering at Politecnico di Milano, he participated in various bug bounty programs where he received rewards from several large companies. Alessandro is also a contributor to Falco, an incubation-level CNCF project.

Ari Eitan is a Research Team Lead at Tenable. Ari began his career as a security researcher for the Israeli Defense Force (IDF). He quickly became Head of the IDF’s cyber incident response team (IDF CERT), honing his expertise in incident response, malware analysis, and reverse engineering. Before joining Tenable, Ari was the VP of Research at Intezer and presented his research at several government and information security events, including fwd:cloudsec, AVAR, BSidesTLV, CyberTech, Hack.lu, Hacktivity, Infosec, IP EXPO, Kaspersky SAS, and the Forum of Incident Response and Security Teams (FIRST).

Brad Geesaman is a Staff Security Engineer at Ghost Security and focuses on researching and building cloud-native systems with a security practitioner's mindset. When he’s not hacking on cloud and containerized environments, he enjoys spending time with his family in Virginia, eating Mexican food, and collecting an impractical amount of ebooks.

Caleb is an enterprise architect responsible for Data Security at USAA. He has 19 years of experience in consulting and financial services industries.

Casey Knerr is a cybersecurity engineer at MITRE and the Cloud Lead for the MITRE ATT&CK for Enterprise team, where she provides cloud expertise updating the ATT&CK knowledge base with novel defensive ideas and adversary techniques. Prior to joining MITRE, she worked as a penetration tester and completed a BSFS in Science, Technology, and International Affairs at Georgetown University and an MSc in Computer Science at the University of Oxford. Her specialties and interests include web development, web and cloud security, and international cyber policy. In her spare time, she can often be found flying stunt kites or playing Dungeons & Dragons.

Chris is a senior security consultant and heads up the Cloud Security capability area within WithSecure Consulting. As part of his day to day he leads the global team that deals with various different types of engagements of both a transactional and more bespoke nature. Chris specialises in Microsoft Azure predominantly with GCP and AWS as an additional background.

Daniel is some guy on the internet. He once opened the AWS web console and is now totally an expert in hacking AWS. He is also the Chief Innovation Officer at Plerion where he files TPS reports so that you don't steal his red stapler.

Hi - I'm a TL for Google's Regulated Cloud - our team builds and operates the systems that are used across Cloud and Google to implement different types of compliance and data access controls. These systems enable Google Cloud offerings like Assured Workloads or Access Transparency.

Dr. Diane Lin is CTO at Culminate, which is building auto-pilot for SOC automation. She was Director of Machine Learning at Zscaler. Her team builds effective ML systems, including the one helped FBI to take down Qakbot.

Dr. Lin earned her PhD in Machine Learning from Imperial College London. She is one of the pioneers on AGI, including a stint at MIT where she worked on one-shot learning. Later, she joined Amazon Alexa as a Machine Learning Scientist and made significant contributions to improving Alexa's question-answering abilities. Her innovative work in natural language understanding techniques earned her Amazon's 'think big' award.

Following her time at Amazon, Dr. Lin continued her work in Artificial General Intelligence at the robotics company Vicarious, which was recently acquired by Google DeepMind. Overall, Dr. Lin has a proven track record of success and has made significant contributions to the field of AGI and machine learning throughout her career.

Felipe Espósito also known as Pr0teus, graduated in Information Technology at UNICAMP and has a master's degree in Systems and Computing Engineering from COPPE-UFRJ, both among the top technology universities in Brazil. He has over ten years of experience in information security and IT, with an emphasis on security monitoring, networking, data visualization, threat hunting, and Cloud Security. Over the last years he has worked as a Security Researcher for Tenchi Security, a Startup focused in third-party risk managemnet, he also presented at respected conferences such as Hackers 2 Hackers Conference, BHACK, BSides (Las Vegas and São Paulo), FISL, Latinoware, SecTor, SANS SIEM Summit, and Defcon's CloudSec and Recon Village.

Forrest Brazeal is a cloud architect, writer, speaker, and cartoonist, currently based in Charlotte, NC. He is also an AWS Serverless Hero and an active member of the SFWA. He collects old books in the forlorn hope that someday his children will enjoy reading them as much as he does.

Gavriel Fried is a Senior Security Researcher at Mitiga. Prior to working at Mitiga, Gavriel's history in the cyber security field includes various research positions such as UEBA, Deception, Network and DPI, Red Teaming, Digital Forensics and some Malware Analysis. Gavriel researches potential attacks, anomalies and abuses on cloud services and SaaS

Greg is a tech lead on the Cryptographic Identity team at Block working on establishing secure and verifiable identities in our cloud mesh. He has previously worked in the security engineering and software development space at Google. Past security publishing experiences including REcon and Phrack.

Hillai Ben-Sasson is a security researcher based in Israel. As part of the Wiz Research Team, Hillai specializes in research and exploitation of web applications, application security, and finding vulnerabilities in complex high-level systems.

Ian Ahl, SVP of Permiso’s P0 Labs
- Mandiant 10’ish Years
- Advanced Practices Lead
- Incident Response
- @TekDefense
- USMC

Ian Ferguson is a Staff Engineer at Datadog, where he works in the infrastructure group that builds and operates Datadog’s cloud and Kubernetes platforms.

As an AWS Community Hero and Ambassador, Ian tends to speak his mind when it comes to cloud security. When he's not busy making open-source tools, he's squatting S3 buckets, popping data lakes, and breaking every rule in the AWS Terms of Service. He also has a day job as the Cloud Principal at Kablamo, a cloud consultancy from Sydney, Australia.

Jake Berkowsky, is a Principal Cybersecurity Architect at Snowflake and the engineering lead for their cybersecurity workload. Prior to joining Snowflake, Jake has a diverse background of technical and leadership roles having most recently served as Co-Founder and CTO of a Cloud Consulting and Data Intelligence company. He regularly maintains his experience and interests in the areas of cloud, devops and development and is an active outdoorsman and nature enthusiast.

Jarom is a Sr Lead Security Engineer working on the Bug Bounty/Responsible Disclosure team at Capital One. His previous role was as a software engineer solving problems in the Threat Intel space. He got his start as a full-stack software engineer. While not working he enjoys doing CTFs, bug bounty, tinkering, working out, and relaxing with his family.

Jay Chen is a Cloud Security Researcher with Prisma Cloud and Unit 42 at Palo Alto Networks. He has extensive research experience in cloud security. In his role at Palo Alto Networks, he focuses on investigating the vulnerabilities, design flaws, and adversarial TTPs in cloud-native technologies such as containers and public cloud services. He works to develop methodologies for identifying and remediating security gaps in public clouds and works to protect Prisma Cloud customers from threats.
In previous roles, he has researched mobile cloud security and distributed storage security, and Blockchain. Jay has authored 25+ academic and industrial papers.

With over a decade of hands-on experience with AWS and six years of leadership in infrastructure security, I bring a wealth of knowledge in protecting cloud infrastructure. As a former Senior Engineering Manager of Infrastructure Security at Tinder, I have a proven track record of effectively mitigating critical alerts, optimizing controls, and streamlining security programs and processes.

Kushagra is a Senior Security Engineer at Booking.com in the cloud security space. He previously worked with FinTech scale-ups and in the consulting industry architecting and building solutions in regulated hybrid cloud environments with the goal to make security frictionless. A strong believer of a Cloud-First strategy with a Cloud-Native approach.

Laura Haller is a Senior Cloud Security Engineer at HashiCorp with just under a decade of experience in the fields of security engineering and cloud security. Prior to HashiCorp, she assisted financial institutions such as Capital One and Charles Schwab during their respective migrations from on-prem to AWS and GCP, and received a sometimes-useful-at-defcon Electrical Engineering degree from the University of Illinois. When she’s not spelunking into the depths of Azure during her day job, she finds great value in mentoring women who are new to the field or trying to break in.

Liv Matan is a Senior Security Researcher at Tenable, where he specializes in application and web security.
As a bug bounty hunter, Liv has found several vulnerabilities in popular software platforms, such as Azure, Google Cloud, AWS, Facebook, Gitlab, was recognized as Microsoft's Most Valuable Researcher, and presented at conferences such as DEF CON Cloud Village and fwd:cloudsec. In his free time, he boxes, lift weights and plays Capture the Flag (CTF).

Lizzie Moratti is a penetration testing consultant with a project management background. She specializes in AWS pentesting and releases her research on her personal blog.

Information security professional that has done a little bit of everything, but is now focused on Cloud Security at Tenchi. Visit my blog! https://pomba.net

Matt Jones is an identity management practitioner with over 15 years of experience. Currently, the Identity Infrastructure Lead at Square, Matt manages an organization developing identity, credentials, and access management solutions for a hybrid multi-cloud environment. Previously, at Google, Matt managed the Production PKI team and was the tech lead for Security and Privacy on Google Cloud Storage. Matt has worked in a range of roles across industry and government to make the Internet safer for everyone.

Meg is a Senior Cloud Security Engineer at Alloy, a NYC-based FinTech. As part of her role, she does a bit of everything and everything as relates to AWS and security. Previously, she worked in security and software engineering at Marcus by Goldman Sachs, and received a degree in Honors Mathematics (aka 'math party tricks') from the University of Texas at Austin. Outside of work, Meg enjoys taking ballet classes around the city with her friends.

Mohit Gupta is a principal security consultant at WithSecure, where he specialises in AWS and Kubernetes, and is the technical lead for all things containerisation and orchestration.

Have been building Software and Product Teams for about 25 years and over the last 7 years as a CTO at Softrams, one of the fastest-growing digital services firms working with Federal Agencies, leveraged various strategies and frameworks used in this talk to deliver empowering software solutions, in some of the most demanding environments. We grew from about 40 to 650+ strong team in the last 7 years and supported a variety of workloads and digital transformations for products that have been evolving over 20+ years. I bring a more practical systems approach to building teams and software and a full product life cycle view as a CTO.

Natalia is a cybersecurity professional based in Toronto, Canada. She has over 15 years of experience in cryptography, identity and access management and cloud security. Within the past 3 years Natalia has been doing extensive research in AI security and MLSecOps as a part of her work at Google. She is passionate about open source and mentoring the new generation of cybersecurity specialists.

B.S. in Computer Information Systems and an M.S. in Information Security from Robert Morris University, I bring over 9 years of diverse experience in the IT industry. My career journey has spanned roles in software development, cybersecurity consulting, data loss prevention, threat detection, and threat research. Over the last 6 years, my primary focus has been on the proactive identification of potential threats. I have honed my skills in developing sophisticated methods for detecting these threats, ensuring that defense mechanisms remain a step ahead of malicious actors.

Nathaniel Quist is the Manager for Prisma Cloud’s Threat Intelligence Team, working with Palo Alto Networks’ Unit 42 threat research team to identify and track threat actor groups who target and leverage public cloud platforms, tools, and services. He holds a Master of Science in Information Security Engineering (MSISE) from The SANS Institute and is the author of multiple blogs, reports, and whitepapers published by Palo Alto Networks' Unit 42 and Prisma Cloud and the SANS InfoSec Reading Room.

Nick Frichette is a Staff Security Researcher at Datadog, where he specializes in AWS offensive security. He is known for finding multiple zero-day vulnerabilities in AWS services and regularly publishing on new attack techniques. In addition to his research, Nick is the creator and primary contributor to Hacking the Cloud, an open source encyclopedia of offensive security capabilities for cloud environments. He is also a part of the AWS Community Builder Program, where he develops content on AWS security.

Nir Ohfeld is a senior security researcher at Wiz. Ohfeld focuses on cloud-related security research and specializes in research and exploitation of cloud service providers, web applications, application security, and in finding vulnerabilities in complex high-level systems. Ohfeld and his colleagues disclosed some of the most notable cloud vulnerabilities, including ChaosDB and OMIGOD.

Noam Dahan is a Staff Security Researcher at Tenable with several years of experience in embedded security and cloud security. He previously spoke at Black Hat USA, DEF CON Cloud Village, DEF CON DemoLabs and fwd:cloudsec. Noam was a competitive debater and is a former World Debating Champion.

Omar ElAhdan is a Principal Incident Response and Remediation Consultant at Google Cloud / Mandiant. He specializes in leading remediation engagements, providing tactical and strategic recommendations for hardening infrastructure and cloud environments during and after cyber incidents.

Prahathess Rengasamy is a Security engineer focusing on security engineering and automation, striving to enhance efficiency and robustness across various security domains. Previously securing products and clouds at Block, Apple, and CreditKarma, currently focussed on building the next big thing

Rami is a bit of a security wonk. Most recently, he helped build the Infrastructure Security program at Figma. Before that, he worked as a security consultant and helped scale security for a health-tech unicorn. He writes about security over at ramimac.me and for tldrsec.com.

Ram is a Principal Security Research Manager at Microsoft Defender for Cloud. Ram gained his expertise from over a decade of service with the IDF Intelligence Corp, where he led teams of security researchers and software developers.

He is currently the Co-founder/CEO of Culminate Inc. A company that builds an AI SOC analyst that investigates every alert like a tier-1 analyst and augment the rest of the SOC.

Previously, he built attack path analysis, polygraph threat detection, and CIEM at Lacework. Before Lacework, he worked in two early stage security companies. He was the Head of Research at Confluera (an XDR company acquired by XMCyber). Earlier than that, he was an Engineering Manager at Tetration (a CWPP company acquired by Cisco). Along his career building detection and response tools, he has investigated dozens of security incidents involving sophisticated attacks in data center and cloud.

He has authored 40+ patents and publications. He has presented multiple times at Black Hat, DEFCON and others conferences. He is also a MITRE ATT&CK contributor and has disclosed vulnerabilities in critical software. He holds a PhD from New York University.

Rodrigo Montoro has more than 24 years of experience in Information Technology and Computer Security. Most of his career worked with open source security software (firewalls, IDS, IPS, HIDS, log management, endpoint monitoring), incident detection & response, and Cloud Security. Currently, he is Head of Threat & Detection Research at Clavis Security. Before that, he worked as Cloud Researcher at Tenchi Security, Head of Research and Development at Apura Cyber Intelligence, SOC/Researcher at Tempest Security, Senior Security Administrator at Sucuri, Researcher at Spiderlabs. Author of 2 patented technologies involving innovation in the detection field. One is related to discovering malicious digital documents. The second one is in how to analyze malicious HTTP traffic. Rodrigo has spoken at several opensource and security conferences (Defcon Cloud Village, OWASP AppSec, SANS (DFIR, SIEM Summit & CloudSecNext), fwdcloudsec (USA), Toorcon (USA), H2HC (São Paulo and Mexico), SecTor (Canada), CNASI, SOURCE, ZonCon (Amazon Internal Conference), Blackhat Brazil, BSides (Las Vegas e SP)).

Sam is the CTO & co-founder of Tracebit where he’s building a platform that deploys and leverages cloud honeypots for intrusion detection. He previously led engineering teams to architect and build cloud-native SMTP gateways at scale at Tessian. He’s interested in all things cloud security and is particularly susceptible to going down any rabbit holes involving CloudTrail!

Scott Weston is a remote Senior Security Consultant at NetSPI based out of Minneapolis, MN. He has 3-4 years of experience in information security/pentesting with his involvement including general web applications, GraphQL, AWS, and GCP. He has contributed to the open-source AWS pentesting tool, Pacu, by adding an enumeration module for AWS Organizations. He also created a large AWS deck designed for beginners to present to the local San Diego Defcon group located here(https://www.linkedin.com/posts/webbinroot_aws-from-zero-to-pacu-activity-6996999634782994432-q0oy/). He has participated in some bug bounties/VDPs and is mentioned on the International Committee of the Red Cross (ICRC) hall of fame(https://www.icrc.org/en/vulnerability-disclosure/hall-of-fame). He has recently been working on developing tooling for GCP pentesting. In his spare time, he enjoys pursuing individual bug bounties and interesting avenues of pentesting.

I’m a Cloud Security Engineer with mainly experience in AWS. Among my roles, I completed an internship in Amazon and support a digital bank to secure its assets in the cloud for 2 years. I’m passionate about cloud automation, even more if it helps to ease the security management. Currently, I am working at Prowler being one of the maintainers of Prowler Open Source, since 2 years.

Stefano Chierici is a Threat Research Lead Manager at Sysdig, where his research focuses on defending containerized and cloud environments from attacks ranging from web to kernel. Stefano is one of the Falco contributors to an incubation-level CNCF project. He studied cyber security in Italy, and before joining Sysdig, he was a pentester. He obtained the OSCP Certification in 2019. He was a security engineer and a red team member.

Stephanie [pronounced Stephanie] is a Security Engineer in the Cloud Security Team at Block. Previously has worked in Identity and Access as well as Infrastructure teams throughout her career.

I’m the creator of Prowler Open Source, the tool for cloud security, co-founder and CTO at Prowler. I also worked for AWS as senior security engineer, senior security consultant and incident responder. I’m passionate about FLOSS (Free Libre Open Source Software) in general and Information Security, Incident Response and Digital Forensics in particular. I like everything related to cloud computing and automation. Over the last 25 years done some things for security and the Open Source community like phpRADmin, Nagios plugins, Alfresco BART (backup tool). I’ve also contributed in books and courses related to Linux, Monitoring and AWS Security for Packt Publishing. I spoke on many conferences including BlackHat, DEFCON, RootedCon, BSides Vegas, BSides Augusta and others.

Tyler Warren helps lead USAA's cloud security engineering teams and has over 10 years experience in IT. Outside of work, he enjoys cheering on his hometown team, the San Antonio Spurs, and spending time chasing his raucous young son with his amazing wife.

For over 13 years Tyson has been securing cloud environments either his own at a Packetloop (the first big data security analytics company that was 100% cloud based), or for customers where whilst at AWS where he worked with multiple service teams on helping define the AWS Security Foundational Best Practices standard and the AWS config conformance packs in addition to other control guidance many AWS customers rely on. Now at TrustOnCloud, as well as being CTO, Tyson is a Principal researcher.

Nelson William Gamazo Sanchez is a Principal Researcher at Palo Alto Networks, currently working on Cloud Security. Prior to joining Palo Alto Networks he was a Threat Security Researcher at ZDI Trend Micro, in the Threat Hunting Team, leading the ITW hunting initiative where he published and presented multiple and unique findings. He has worked in the security field since 2000, playing different roles in multiple security-oriented companies, including anti-malware and computer forensics companies where he has worked in multiple areas as reversing engineer, vulnerability analyst, vulnerability researcher and threat researcher. Nelson William Gamazo Sanchez is an engineering graduate and has a Master's degree in Teleinformatics.

Will Silverstone is a Senior Consultant at Google Cloud / Mandiant. In addition to delivering proactive cloud security assessments and transformation, Will has extensive experience leading large-scale incident response remediation engagements across major cloud platforms.

Yotam has spent the last ten years managing and responding to some of the most sophisticated global cyber operations. He’s worked with technical teams and executives to defeat attacks and leverage cyber as a competitive advantage across incident response, purple teaming, posture enhancements, and executive wargames. In his current role, Yotam focuses on developing cloud-specific incident response methodology and collaborating with practitioners on developing robust cloud security frameworks. Yotam’s previous positions include Director of Incident Response at Sygnia and command positions in the IDF.