SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
CloudSecNext Summit & Training 2025
- Thu, Oct 2 - Thu, Oct 9, 2025
- 10 Courses
- 12 CPEs (Summit Only)
- English
Embassy Suites by Hilton Denver Downtown & Virtual (MT)
1420 Stout Street, Denver, CO 80202
- Slide 1 of 2
- Slide 2 of 2
Summit Highlights
Highly Technical Talks and Sessions
The industry's top practitioners will share their latest cloud security techniques, tools, case studies, and solutions.
One-Of-A-Kind Networking With The Top Minds In Cloud Security
You’ll have the chance to engage with Summit Chairs, speakers, and your peers in the community for deep-dive discussions, and casual chats over breaks, meals, and evening receptions.
Summit Night Out
The days will be filled with the latest in cloud security, but the fun goes up a notch at night for those joining us in Denver.
Solutions Expo Hall
Explore the latest tools and solutions in cloud security.
World-Class SANS Cloud Security Courses
Enhance your knowledge base and add to your toolkit by bundling your Summit experience with a hands-on, immersive course taught by top SANS instructors and course authors.
Register
SEC522: Application Security: Securing Web Applications, APIs, and Microservices
SEC522Cloud Security
- GIAC Certified Web Application Defender
- 6 Days
- 36 CPEs
- Dr. Johannes Ullrich
- Starts 4 Oct 2025 at 8:30 AM MT
- $8,780 USD (Course)
- $999 USD (Certification)
- *Prices exclude applicable local taxes
Keynote | To Be Announced
Summit Day 109:00AM - 09:45AM MDTIn-Person
Break
Summit Day 109:45AM - 10:00AM MDTIn-Person
How I Learned to Stop Worrying and Love Vibe Coding: Security Edition
As a security professional, watching AI-generated code seep into production feels like a nightmare. It’s incredibly fast to write and looks convincing—but it’s often wrong.
In-Person
Snakes on a (Control) Plane: Purple Teaming Azure IAM for Threat Detection
Cloud-based identity security is notoriously slippery: every cloud has a different security philosophy and the actions that cloud logs describe are not always easy for a defender to visualize.
In-Person
Cloud-Driven Security: Building a Data Lake and Integrating Agentic Solutions for Real-Time Action
In today's rapidly evolving digital landscape, ensuring robust cloud security is more critical than ever.
In-Person
Securing the Future: Leveraging AI and GenAI in Cloud Security to Combat Emerging Threats
As cloud environments evolve, securing AI-driven and cloud-native workloads has become a paramount challenge.
In-Person
IaC and GitOps for Resilient Multi-Cloud Security: Turning Argo CD and Crossplane into Enforcers of Enterprise for Declarative, Automated Governance and Threat Mitigation
The session will help attendees learn how Infrastructure as Code (IaC) and GitOps, powered by Argo CD and Crossplane, can significantly strengthen your multi-cloud security posture through automated, declarative governance and real-time threat mitigation.
Virtual
Lunch
Summit Day 112:15PM - 01:30PM MDTIn-Person
Ghosts to Guardrails: Moving Beyond the Alert Driven Posture
In this talk, we will discuss how we are moving GitHub’s cloud security posture program from an alert-driven to a guardrail-driven environment, the tools we use in AWS and Azure, and the successes and pitfalls of building this program.
In-Person
IaC Meets Reality: Engineering for the Cloud You Actually Have
We all hear it: "Manage your infrastructure as code." But what happens when the reality of multi-account setups, unmanaged settings, and the limitations of your IaC tool start pushing your team toward manual fixes?
In-Person
Break
Summit Day 102:35PM - 02:50PM MDTBehind the Clicks: What AI Tools in the Cloud Aren’t Telling You
As AI features rapidly roll out across popular cloud tools like Microsoft 365 Copilot, Salesforce Einstein, Grammarly Business, and Zoom’s smart summaries, organizations are unknowingly inheriting risk — not just technical, but regulatory and reputational.
In-Person
Go Jump in a Lake: How a Data Lake Can Help Your Security Program
Back in the olden days, security was done using a SIEM. You plunked down a large sum of money, poured all of your logs (or at least the ones you could afford) into this thing that patiently collected them, then searched it either manually or automatically for threats.
In-Person
Day 1 Wrap-Up
Summit Day 104:00PM - 04:15PM MDTIn-Person
Opening Remarks
Summit Day 208:45AM - 09:00AM MDTIn-Person
Keynote | To Be Announced
Summit Day 209:00AM - 09:45AM MDTIn-Person
Break
Summit Day 209:45AM - 10:00AM MDTIn-Person
Identity and Access Management (IAM) in the Cloud
As enterprises shift to cloud-based infrastructures, Identity and Access Management (IAM) has become central to securing digital assets.
In-Person
Workshop | Level Up Your CI/CD: Building a secure pipeline with OSS
What does the "perfect" CI/CD pipeline look like, especially one built with security at its core?
In-Person
Get The Flock Out of My Cloud: Using DuckDB to Detect Spousal Sabotage (in AWS, Azure & GCP)
Insider threat or...Inside of the house?
Cloud security is a serious business, but what happens when the Advanced Persistent Threat shares your Wi-Fi password?
In-Person
Open FGA in IAM
Authorization is a crucial aspect of securing our application with right controls.
In-Person
Can GenAI Solve Multicloud Security?
Securing multiple clouds is a daunting task. It typically requires cloud security engineers to have a deep understanding of each cloud's controls. Generative AI (GenAI) offers a promising way to simplify this process.
In-Person
Lunch
Summit Day 212:15PM - 01:30PM MDTIn-Person
Agentic AI Workflows in Cybersecurity: Opportunities, Challenges, and Governance via the MCP Model
Agentic AI workflows—autonomous pipelines in which large language models (LLMs) plan, decompose, and execute sequences of tasks—are rapidly being adopted in cybersecurity for threat hunting, incident response, and vulnerability management.
In-Person
These aren't the Providers you are looking for: Compromising pipelines with Evil Terraform
Abstract: As supply chain security continues to evolve in 2025, much of the focus remains on malicious packages in ecosystems like PyPI, NPM, and compromised GitHub Actions workflows. But what about your Terraform modules and providers?
Break
Summit Day 202:35PM - 02:50PM MDTIn-Person
Safeguarding Cloud Identities
Cloud Computing is complex and often misunderstood, and Identity Access and Management (IAM) is a major challenge in the cloud.
In-Person
Amazon S3 Security: 19 Years Later. Why Cloud Data Security is Still Complex to Manage.
Cloud Storage has been around for 19 years. Amazon Simple Storage Service was released in 2006. It's 2025 and cloud data security is still complex to manage.
In-Person
Day 2 Wrap-Up
Summit Day 204:00PM - 04:15PM MDTIn-Person
Embassy Suites by Hilton Denver Downtown
A special discounted rate of $235.00 S/D plus applicable taxes will be honored based on space availability.
A limited number of Government Per Diem rooms at the prevailing rate are available with proper ID.
These rates include Internet in your room and are only available through Tuesday, September 9, 2025.
Complimentary Breakfast and Happy Hour
Enjoy complimentary breakfast and happy hour drinks & snacks when you stay with SANS at the Embassy Suites Denver Downtown.
3 Reasons To Stay At The Event Venue
