At the end of June, I had the chance to attend fwd:cloudsec North America 2025 in Denver, Colorado. For those unfamiliar, fwd:cloudsec is a community-driven, non-profit conference focused on cloud security research, offensive techniques, and defensive strategies. What makes it unique is its vendor-agnostic spirit: you won’t find flashy marketing keynotes or sales pitches here just practitioners sharing what really works (and what doesn’t) in securing the cloud.

The conference ran June 30 – July 1, with two packed days of deep technical talks, hallway discussions, and a strong community vibe. All talks are recorded and available on the official YouTube playlist
Why I Attended
As someone who spends most of my time on Kubernetes, Azure, and multi-cloud security strategy, fwd:cloudsec is one of the rare conferences that consistently delivers fresh, practical insights. My goals this year were to:
- Learn from the latest offensive research and translate it into stronger threat models.
- See how others are balancing platform guardrails vs. application-level controls.
- Connect with peers facing similar large-scale challenges in runtime security, IAM complexity, and SaaS integrations.
Sessions That Shaped My Thinking
Maxime.