BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//talk//MNTWHG
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-fwd-cloudsec-2026-MNTWHG@pretalx.com
DTSTART;TZID=PST:20260601T154000
DTEND;TZID=PST:20260601T160000
DESCRIPTION:Cloud detection rules break silently. You write one\, deploy it
 \, and the only feedback is silence — which could mean no attacks\, or c
 ould mean your rule stopped working three months ago. When you're maintain
 ing rules across multiple cloud providers\, the problem compounds: differe
 nt telemetry\, different log formats\, etc. We wanted a better feedback lo
 op\, so we reached for attack simulation.\n\nWe started with Threatest\, D
 atadog's open-source framework for pairing cloud attack execution with det
 ection validation. It gave us a solid foundation — but we hit its limits
  fast. We run a different SIEM\, we needed custom attack techniques\, and 
 we wanted tighter control over execution and results. So we extended it. T
 his talk is about what we built\, what surprised us along the way\, and th
 e mistakes we'd avoid if we were starting over.\n\nIf your team is weighin
 g whether to invest in building something like this rather than buying a c
 ommercial alternative\, we hope our experience gives you an honest picture
  of what that actually looks like.
DTSTAMP:20260502T124501Z
LOCATION:Room 1
SUMMARY:Lessons From Building a Cloud Attack Simulation Program - Pavel Lin
 eitsev
URL:https://pretalx.com/fwd-cloudsec-2026/talk/MNTWHG/
END:VEVENT
END:VCALENDAR