BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//speaker//LC8V8Z
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-fwd-cloudsec-2026-VA3Z8Z@pretalx.com
DTSTART;TZID=PST:20260602T110000
DTEND;TZID=PST:20260602T112000
DESCRIPTION:While we have robust frameworks for protecting endpoints and cl
 oud (first and foremost MITRE ATT&CK)\, the infrastructure that builds our
  software has largely been a "choose your own adventure" of security contr
 ols. This doesn't cut when facing the modern SDLC Infrastructure attacks l
 ike Shai-Hulud\, s1ngularity\, GlassWorm etc. - there is no good "language
 " to describe and analyze them. That's why we built SITF.\n\nThe SDLC Infr
 astructure Threat Framework (SITF) is an open-source methodology for archi
 tecting defensible code-to-cloud environments. SITF shifts the focus from 
 listing isolated risks to mapping the actual flow of an attack across the 
 developer Endpoint/IDE\, VCS\, CI/CD\, Registry\, and Production and gener
 ating tailored security controls. \n\nIt's a framework with focus on pract
 icality. Attendees will learn how to deconstruct a real-world SDLC attack 
 with SITF visualizer\, explore library of 80+ SDLC-specific techniques\, t
 o threat-model their own infrastructure\, and generate a prioritized contr
 ols matrix. A special bonus - we'll demo the usage of Claude skills shippe
 d with the framework to visualize and analyze the new attack in mere secon
 ds.
DTSTAMP:20260502T113340Z
LOCATION:Room 2
SUMMARY:Barbarians at the Gate: Visualizing and Blocking SDLC Infrastructur
 e Threats with SITF - Shay Berkovich
URL:https://pretalx.com/fwd-cloudsec-2026/talk/VA3Z8Z/
END:VEVENT
END:VCALENDAR