SANS Cloud Security Exchange Summit & Training 2026

Mon, Aug 17 - Sun, Aug 23, 2026
8 Courses
12 CPEs (Summit Only)
English

Hyatt Regency San Francisco Downtown SOMA & Virtual (PT)

50 Third Street, San Francisco, CA 94103

SANS Cloud Security Exchange Summit & Training 2026

Jump to:

Event Highlights
Courses
Speakers
Sponsors
Schedule
Location

In Partnership with Microsoft, Google and ASW

Summit: August 17-18 | Training: August 19-23 | Summit Co-Chairs: Frank Kim & Eric Johnson | In-Person CPE Credits: 12

Two Cloud Events. One Summit Stage.

We’re bringing the SANS Cloud Security Exchange to the Summit stage in San Francisco.

Slide 1 of 2
Slide 2 of 2

As we celebrate the fifth year of the SANS Cloud Security Exchange, we’re bringing it together with our SANS CloudSecNext Summit for the first time—live on stage in San Francisco.

The SANS Cloud Security Exchange Summit & Training brings the world’s leading names in cloud and AI security experts together with top practitioners to share real-world insights, case studies, and hands-on technical training to help you build and maintain modern cloud environments, shaped by automation, artificial intelligence (AI), and scale.

Designed for both seasoned practitioners and leaders—as well as those newer to cloud security—the Summit delivers practical guidance, forward-looking discussions, and opportunities to learn directly from peers shaping cloud security today.

Choose Your Experience

In-Person | All-Access

Day 1

SANS Cloud Security Exchange sessions, live on stage, delivering high-impact technical talks, a panel discussion, live Q&A, and multi-cloud perspectives
Hands-on workshops
Leadership and New to Cyber breakout sessions
Networking with Summit Chairs, speakers, and peers, including meals and an evening reception

Day 2

Summit talks focused on AI and cloud security
Hands-on workshops
Continued networking with speakers and peers

Live Online | Select Talks

Day 1: SANS Cloud Security Exchange | Separate registration is required to attend Cloud Security Exchange sessions virtually on Day 1. *Registration for these sessions opens soon—stay tuned!
Day 2: Summit Talks

Who Should Attend

Security professionals who are responsible for securing public cloud infrastructure and services
Cloud security analysts, engineers, architects, and managers
Tech and security leaders advising on cloud risks and strategies
Practitioners seeking insights on cloud security, automation, threat detection, and GenAI
Don't miss this opportunity to connect, learn, and level up your cloud security game with some of the brightest minds in the industry!

Enhance your Summit experience by pairing it with a hands-on, immersive course taught by SANS instructors and course authors, offered immediately after the event.

What Attendees Say

Slide 1 of 4
Great way to step back from day-to-day security controls to see the transformational themes our industry is facing. There was a good combination of technical talks with actionable tips for the next 30 days, mixed with themes our org will see over the next 30 days, mixed with themes our org will see over the next 3-5 years.
Will C.
Slide 2 of 4
The Summit is great for those who have direct use/control of Cloud infrastructure. A wealth of information and experiences for those getting into the field and as always, there were great networking opportunities.
Chris S.
Slide 3 of 4
I find the real-life experiences and lessons-learned to be extremely valuable.
Roger W.
Slide 4 of 4
The Summit provided valuable insight from colleagues in security regarding process tooling, and opportunities that can be encountered in the cloud. The time to network and discuss challenges was invaluable.
Johnny R.

Summit Highlights

Cloud Security Exchange Sessions

The world's leading cloud providers come together with today's top cybersecurity minds. Expect world-class technical sessions, live Q&A with industry experts, proven strategies for multi-cloud, Zero Trust, and AI-driven defense.

Technical Talks, Interactive Sessions and Hands-On Workshops

The industry's top practitioners will share their latest cloud security insights, research, solutions, tools, and case studies.

One-Of-A-Kind Networking with The Top Minds In Cloud Security

You’ll have the chance to engage with Summit Chairs, speakers, and your peers in the community for deep-dive discussions, and casual chats over breaks, meals, and evening receptions.

Summit Night Out

The days will be filled with the latest in cloud security, but the fun goes up a notch at night for those joining us in San Francisco.

Solutions Expo Hall

Explore new cloud security technologies and solutions and connect with service providers supporting today’s cloud environments.

World-Class SANS Courses

Enhance your knowledge base and add to your toolkit by bundling your Summit experience with a hands-on, immersive course taught by SANS instructors and course authors.

Jason Lam: Teacher Talking in Front of a Classroom

Early Bird Offer

Save $500 USD using the code "EarlyBirdNA" and pay for any 4-6 day course (excluding Beta Courses and 300 Level Courses) by July 2, 2026.

Register

Summit and Course Registration

from $8,260 USD

In personIncludes

Course: Live Instructor Training with Hands-On Exercises
Summit: 6 CPE Credits - When You Attend Day 2 Talks Live
Summit: Cloud Security Exchange Sessions
Summit: Talks, Break Out Sessions, and Hands-On Workshops
Summit: Unmatched Networking
Summit: Evening Reception
Summit: Access to Summit Exhibit Hall
Summit: Lunch and light refreshments will be provided during the event and scheduled breaks

Select course to Enroll

Live onlineIncludes

Course: Virtual Live Instructor Training with Hands-on Exercises
Summit: Access to Select Summit Talks on Day 2
Summit: Interactive Chat on Slack
First Access to Approved Recordings and Decks

Select course to Enroll

Summit Registration Only

from Free

$525 USD*Prices exclude applicable local taxes

In personIncludes

Cloud Security Exchange Sessions
Talks, Break Out Sessions, and Hands-On Workshops
Unmatched Networking
Evening Reception
Access to Summit Exhibit Hall
Lunch and light refreshments will be provided during the event and scheduled breaks
First Access to Approved Recordings and Decks
12 CPE Credits, 6 Per Day

Attend In PersonLogin to register

Free

Live onlineIncludes

Access to Select Summit Talks on Day 2
Interactive Chat on Slack
First Access to Approved Recordings and Decks
6 Summit CPE Credits - When You Attend Day 2 Talks Live

Important Dates

Refund Deadline:: July 31, 2026
Hotel Group Discount Deadline:: July 24, 2026

Courses

Looking for Group Purchasing? Contact Us

Showing 8 of 8

Filter by:

SEC522: Application Security: Securing Web Applications, APIs, and Microservices

SEC522Cloud Security

GIAC Certified Web Application Defender
5 Days
36 CPEs
Jason Lam

Starts 19 Aug 2026 at 8:30 AM PT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC540: Cloud Native Security and DevSecOps Automation

SEC540Cloud Security

GIAC Cloud Security Automation
5 Days
38 CPEs
Dakota Riley

Starts 19 Aug 2026 at 8:30 AM PT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC510: Cloud Security Engineering and Controls

SEC510Cloud Security, Artificial Intelligence

SEC510: Cloud Security Controls and Mitigations

GIAC Public Cloud Security
5 Days
38 CPEs
Simon Vernon

Starts 19 Aug 2026 at 8:30 AM PT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC541: Cloud Security Threat Detection

SEC541Cloud Security

GIAC Cloud Threat Detection
5 Days
30 CPEs
Ryan Nicholson

Starts 19 Aug 2026 at 8:30 AM PT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC549: Cloud Security Architecture

SEC549Cloud Security

GIAC Cloud Security Architecture and Design
5 Days
30 CPEs
David Hazar

Starts 19 Aug 2026 at 8:30 AM PT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

LDR516: Strategic Vulnerability and Threat Management

LDR516Cybersecurity Leadership

LDR516: Building and Leading Vulnerability Management Programs

5 Days
30 CPEs
Kevin Garvey

Starts 19 Aug 2026 at 8:30 AM PT
$8,260 USD (Course)
*Prices exclude applicable local taxes

View course details

SEC502: Cloud Security Tactical Defense

SEC502Cloud Security

GIAC Cloud Security Essentials
5 Days
36 CPEs
Kenneth G. Hartman

Starts 19 Aug 2026 at 8:30 AM PT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC545: GenAI and LLM Application Security

SEC545Cloud Security, Artificial Intelligence

GIAC AI Platform Security
5 Days
30 CPEs
Jon Zeolla

Starts 19 Aug 2026 at 8:30 AM PT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

Featured Speakers

Dr. Anton Chuvakin

Security Advisor at Office of the CISO at Google Cloud

Dr. Anton Chuvakin is a security advisor in Google Cloud’s Office of the CISO, helping shape global cloud security strategy.

Learn more

Jason Clinton

Deputy CISO at Anthropic

Jason joined Anthropic in April 2023 as its first CISO after more than a decade at Google, where he most recently led Chrome infrastructure security working on defense against advanced persistent threats.

Learn more

Chris Cochran

Field CISO and Vice President of AI Security at SANS Institute

Chris Cochran is a Marine Corps veteran, cybersecurity leader, and strategist with deep expertise in threat intelligence, security operations, emerging technology, and executive leadership.

Learn more

Eric Johnson

Principal Security Engineer at Puma Security

Eric Johnson is a Fellow at the SANS Institute and Principal Security Engineer at Puma Security. He leads hands-on training in SEC540: Cloud Native Security and DevSecOps Automation, co-authors SEC549 and SEC510, and develops open-source tools to help practitioners secure cloud pipelines.

Learn more

Frank Kim

Venture Advisor at YL Ventures

SANS Fellow Frank Kim helps to develop the next generation of CISOs and cyber leaders while teaching LDR512 and LDR514.

Learn more

Wesley Kuzma

Sr. Director Security Architecture at Microsoft

Wesley Kuzma has over 17 years of experience in cybersecurity and currently serves as the Sr. Director Security Architecture within Microsoft's Engineering & Architecture Group.

Learn more

Thank You To Our Sponsors

Schedule

Summit Dates

August 17-18

Training Dates

August 19-23

Showing 1 of 31

Filter by:

Select day:

Speaker's Reception

06:00PM - 08:00PM PDT

In-Person

Breakfast & Credential Pick Up

07:30AM - 09:00AM PDT

In-Person

Opening Remarks

09:00AM - 09:15AM PDT

In-Person & Virtual

Presented by

Frank Kim

Venture Advisor at YL Ventures

Eric Johnson

Principal Security Engineer at Puma Security

AWS | Agentic Security: Detection and Response at Machine Speed

Organizations are deploying autonomous AI agents into production at scale: agents that authenticate, execute multi-step workflows, and make decisions across cloud infrastructure. These agents operate at machine speed, which means security operations must too.

09:15AM - 10:00AM PDT

In-Person & Virtual

Presented by

Gee Rittenhouse

Vice President, Security Services at AWS

Eric Johnson

Principal Security Engineer at Puma Security

GOOGLE | Never Trust an Algorithm: Applying Zero Trust Principles to Secure AI and Agent Infrastructures

The rapid shift to autonomous AI agents in the cloud is accelerating security concerns. Traditional, human-centric systems are overwhelmed by the millions of new digital identities agents create, exacerbating issues like compromised identities (the source of over 70% of cloud breaches) and sophisticated agent hijacking attacks.

10:00AM - 10:45AM PDT

In-Person & Virtual

Presented by

Dr. Anton Chuvakin

Security Advisor at Office of the CISO at Google Cloud

Dave Shackleford

Founder at Voodoo Security

Break

10:45AM - 11:00AM PDT

In-Person & Virtual

MICROSOFT | Governing the Agentic Enterprise: A Security Architecture Imperative for Autonomous AI Systems

Agentic AI represents a structural shift in enterprise software, not an incremental improvement. For decades, organizations built security frameworks around a foundational assumption: humans make decisions, machines execute them. Agentic systems invert that model. They reason, plan, and act autonomously across identities, data stores, tools, and other agents, operating at machine speed in environments designed for human-paced decisions.

11:00AM - 11:45AM PDT

In-Person & Virtual

Presented by

Wesley Kuzma

Sr. Director Security Architecture at Microsoft

Chris Cochran

Field CISO and Vice President of AI Security at SANS Institute

Fireside Chat with Keynote Speakers

Fireside Chat with AWS, Google and Microsoft Keynote Speakers

11:45AM - 12:30PM PDT

In-Person & Virtual

Panelists

Dr. Anton Chuvakin

Security Advisor at Office of the CISO at Google Cloud

Wesley Kuzma

Sr. Director Security Architecture at Microsoft

Gee Rittenhouse

Vice President, Security Services at AWS

Moderated by

Frank Kim

Venture Advisor at YL Ventures

Lunch

12:30PM - 01:45PM PDT

In-Person & Virtual

To Be Announced

01:45PM - 02:30PM PDT

In-Person & Virtual

Closing Remarks

02:30PM - 02:45PM PDT

In-Person & Virtual

Presented by

Frank Kim

Venture Advisor at YL Ventures

Eric Johnson

Principal Security Engineer at Puma Security

Break

02:40PM - 03:00PM PDT

In-Person & Virtual

WORKSHOP | Google Cloud Security Agentic SOC Workshop

Step into the future of cyber defense. This hands-on experience is designed for security practitioners ready to move beyond AI hype into real-world application. Learn how AI agents can help you investigate, triage, and respond to threats at machine speed through practical exercises, real-world scenarios, and an interactive CTF challenge.

03:00PM - 06:00PM PDT

In-Person

WORKSHOP | Microsoft Hands On Workshop

03:00PM - 06:00PM PDT

In-Person

WORKSHOP | AWS Hands On Workshop

03:00PM - 06:00PM PDT

In-Person

Summit Social

05:30PM - 08:00PM PDT

In-Person

Breakfast & Solutions Expo

07:30AM - 09:00AM PDT

In-Person

Opening Remarks

09:00AM - 09:10AM PDT

In-Person & Virtual

Presented by

Frank Kim

Venture Advisor at YL Ventures

Eric Johnson

Principal Security Engineer at Puma Security

KEYNOTE: An Update from the Scaling Laws Frontier

We'll cover the latest on AI-enabled nation state activity from Anthropic's view, including Mythos-class models; frontier model cyber capabilities to help defenders succeed against AI-augmented attacks; and what the future of model scaling has in store for cyber, engineering, and SDLC right around the corner.

09:10AM - 09:50AM PDT

In-Person & Virtual

Presented by

Jason Clinton

Deputy CISO at Anthropic

Who's Really Calling? Decoding Identity Context to Catch Service Principal and Managed Identity Abuse

Machine identities now vastly outnumber humans in most Azure tenants, and they are routinely over-permissioned, long-lived, and sparsely monitored. When a service principal deletes diagnostic settings or a managed identity writes to a storage account, the analyst staring at the Activity Log has to answer a deceptively hard question: which identity actually did this, and on whose behalf?

09:50AM - 10:15AM PDT

In-Person & Virtual

Presented by

Lydia Graslie

Senior Threat Research Engineer at Sysdig

Securing AI/LLM Workloads in CI/CD: Automated Risk Mapping and Attack Simulation in Cloud Pipelines

Most teams integrating LLMs into cloud applications are flying blind in their pipelines. They have added scanners and perhaps some guardrails, but they do not actually know whether those controls hold up against real attacks. This session explores a practical approach to closing that gap.

10:20AM - 10:45AM PDT

In-Person & Virtual

Presented by

Alejandro Aucestovar

Security Architect at First Databank

Break

10:50AM - 11:20AM PDT

In-Person & Virtual

When AI and Cloud Collide: Real-World Integration Failures

11:20AM - 11:45AM PDT

In-Person & Virtual

Presented by

Jason Kao

Founder at Fog Security

Beyond the Prompt: Infrastructure Hardening for Scalable Agentic AI

While the security community remains hyper-focused on LLM-specific threats like prompt injection, real-world enterprise deployments reveal that the most critical vulnerabilities often lie in the underlying architecture. This session explores hard-learned lessons from several Generative AI (GenAI) deployments, moving past theoretical risks to address the infrastructure failures that break production environments.

11:50AM - 12:15PM PDT

In-Person & Virtual

Presented by

Zach Schramm

Technical Account Manager at Google Cloud Public Sector

Breaking BOTS II: Trusting Agentic AI in the Cloud SOC

When an AI is 70% accurate at automating each task of a 10-task investigation, 97% of cases end up incomplete, and that is the optimistic scenario. This session explores efforts to close that gap for cloud and SOC investigations.

12:15PM - 12:40PM PDT

In-Person & Virtual

Presented by

Leo Meyerovich

CEO at Graphistry, Inc.

Lunch

12:50PM - 01:45PM PDT

In-Person & Virtual

Panel Discussion - TBD

01:45PM - 02:30PM PDT

In-Person

WORKSHOP: Google Cloud Security Agentic SOC Workshop

02:45PM - 04:45PM PDT

In-Person

WORKSHOP: Microsoft Hand On Workshop

02:45PM - 04:45PM PDT

In-Person

WORKSHOP: AWS Hand On Workshop

02:45PM - 04:45PM PDT

In-Person

SANS@Night: Guardrails for AI Coding

Generative AI is quickly becoming a default part of the software development lifecycle. Faster delivery can also increase security risk, operational fragility, and decisions that are difficult to review or audit after the fact.

This session focuses on AI coding guardrails: practical, developer-friendly controls that help teams adopt coding assistants with confidence while maintaining strong security, governance, and assurance. We will walk through four maturity levels for agentic coding controls.

06:00PM - 07:00PM PDT

In-Person & Virtual

Presented by

Jon Zeolla

Founder and CEO at Zenable

Live-Online Registration

Hyatt Regency San Francisco Downtown SOMA

Hotel Special Rates and Reservations

A special discounted rate of $269.00 S/D plus applicable taxes will be honored based on space availability. A limited number of Government Per Diem rooms at the prevailing rate are available with proper ID.

There currently is a daily destination fee of $35. This is waived for all SANS attendees who book through the links below.

These rates include Internet in your room and are only available through Friday, July 24, 2026.

Book A Reservation Book A Government Per Diem Reservation

Hyatt Regency San Francisco Downtown SOMA

3 Reasons To Stay At The Event Venue

Ultimate Convenience
Eliminate the hassle of daily commutes and wasted travel time. You’ll have everything you need—from your training to dining and amenities - all in one centralized, convenient location.
Seamless Networking Opportunities
Stay where the action is! Maximize your chances to connect with fellow cybersecurity professionals and industry leaders - from impromptu conversations in the lobby to exclusive after-hours events.
All Day, All Event Access
SANS live training events include bonus sessions exclusively at the venue. Staying on-site ensures you won’t miss these opportunities to grow your network and engage with peers beyond the conference agenda.

Business People Shaking Hands and Smiling

More Information

Stay at this Downtown San Francisco Hotel on Market Street in SoMa In SoMa, San Francisco’s arts district, the city’s cutting-edge creative scene is alive and well. Here, California’s contemporary art museums sit shoulder to shoulder with the renowned Yerba Buena Center for the Arts, SF Museum of Modern Art (SFMOMA), fine dining restaurants and artisanal coffee shops. Located on the south of Market Street, Hyatt Regency San Francisco Downtown SoMa is a sophisticated destination hotel close to Salesforce Tower, the Moscone Center and some of the city’s most innovative and stimulating sights.

SEC536: Adversarial AI - Penetration Testing AI Systems

SANS Cloud Security Exchange Summit & Training 2026

Share

Two Cloud Events. One Summit Stage.

Choose Your Experience

In-Person | All-Access

Live Online | Select Talks

Who Should Attend

What Attendees Say

Summit Highlights

Cloud Security Exchange Sessions

Technical Talks, Interactive Sessions and Hands-On Workshops

One-Of-A-Kind Networking with The Top Minds In Cloud Security

Summit Night Out

Solutions Expo Hall

World-Class SANS Courses

Register

Summit and Course Registration

Summit Registration Only

Courses

GIAC Certification

Extra 4 Months of Course Access

SEC522: Application Security: Securing Web Applications, APIs, and Microservices

Quick view

SEC540: Cloud Native Security and DevSecOps Automation

Quick view

SEC510: Cloud Security Engineering and Controls

Quick view

SEC541: Cloud Security Threat Detection

Quick view

SEC549: Cloud Security Architecture

Quick view

LDR516: Strategic Vulnerability and Threat Management

Quick view

SEC502: Cloud Security Tactical Defense

Quick view

SEC545: GenAI and LLM Application Security

Quick view

Featured Speakers

Dr. Anton Chuvakin

Jason Clinton

Chris Cochran

Eric Johnson

Frank Kim

Wesley Kuzma

Thank You To Our Sponsors

Schedule

Summit Dates

Training Dates

Speaker's Reception

Breakfast & Credential Pick Up

Opening Remarks

AWS | Agentic Security: Detection and Response at Machine Speed

GOOGLE | Never Trust an Algorithm: Applying Zero Trust Principles to Secure AI and Agent Infrastructures

Break

MICROSOFT | Governing the Agentic Enterprise: A Security Architecture Imperative for Autonomous AI Systems

Fireside Chat with Keynote Speakers

Lunch

To Be Announced

Closing Remarks

Break

WORKSHOP | Google Cloud Security Agentic SOC Workshop

WORKSHOP | Microsoft Hands On Workshop

WORKSHOP | AWS Hands On Workshop

Summit Social

Breakfast & Solutions Expo

Opening Remarks

KEYNOTE: An Update from the Scaling Laws Frontier

Who's Really Calling? Decoding Identity Context to Catch Service Principal and Managed Identity Abuse

Securing AI/LLM Workloads in CI/CD: Automated Risk Mapping and Attack Simulation in Cloud Pipelines

Break

When AI and Cloud Collide: Real-World Integration Failures

Beyond the Prompt: Infrastructure Hardening for Scalable Agentic AI

Breaking BOTS II: Trusting Agentic AI in the Cloud SOC

Lunch

Panel Discussion - TBD

WORKSHOP: Google Cloud Security Agentic SOC Workshop

WORKSHOP: Microsoft Hand On Workshop

WORKSHOP: AWS Hand On Workshop

SANS@Night: Guardrails for AI Coding