At the end of June, I had the chance to attend fwd:cloudsec North America 2025 in Denver, Colorado. For those unfamiliar, fwd:cloudsec is a community-driven, non-profit conference focused on cloud security research, offensive techniques, and defensive strategies. What makes it unique is its vendor-agnostic spirit: you won’t find flashy marketing keynotes or sales pitches here just practitioners sharing what really works (and what doesn’t) in securing the cloud.

The conference ran June 30 – July 1, with two packed days of deep technical talks, hallway discussions, and a strong community vibe. All talks are recorded and available on the official YouTube playlist

Why I Attended

As someone who spends most of my time on Kubernetes, Azure, and multi-cloud security strategy, fwd:cloudsec is one of the rare conferences that consistently delivers fresh, practical insights. My goals this year were to:

• Learn from the latest offensive research and translate it into stronger threat models.
• See how others are balancing platform guardrails vs. application-level controls.
• Connect with peers facing similar large-scale challenges in runtime security, IAM complexity, and SaaS integrations.

Sessions That Shaped My Thinking

• Farewell False Positives: Building Trustworthy AI for IaC Analysis | Emily Choi-Greene

• Breaking AI Agents: Exploiting Managed Prompt Templates to Take Over Amazon Bedrock Agents | Jay Chen

• Bypassing AI Security Controls with Prompt Formatting | Nathan Kirk

• I SPy: Rethinking Entra ID research for new paths to Global Admin | Katie Knowles

• You Are Not Netflix: How to learn from conference talks |  Rami McCarthy

• The Good, the Bad, and the Ugly: Hacking 3 CSPs with 1 Vulnerability | Andres Riancho

• ECS-cape – Hijacking IAM Privileges in Amazon ECS | Naor Haziz

• whoAMI: Discovering and exploiting a large-scale AMI name confusion attack | Seth Art

• Read Between The Logs: A New Vulnerability in Gemini Cloud Assist Proves the Threat is Real | Liv Matan

Maxime.