CloudSecNext Summit & Training 2025

Thu, Oct 2 - Thu, Oct 9, 2025
8 Courses
12 CPEs (Summit Only)
English

Embassy Suites by Hilton Denver Downtown & Virtual (MT)

1420 Stout Street, Denver, CO 80202

Jump to:

Event Highlights
Courses
Speakers
Schedule
Location

Thank You To Our Sponsors

Secure the Cloud, Secure the Future!

As organizations continue to leverage cloud services for enterprise workloads as well as newer GenAI use cases security professionals need to deal with new risks, threats, and issues.

Join us for CloudSecNext, where top experts and real-world practitioners will share insights, case studies, and hands-on technical training to help you build and maintain a secure cloud infrastructure.

Slide 1 of 2
Slide 2 of 2

Who Should Attend

Security professionals who are responsible for securing public cloud infrastructure and service
Cloud security analysts, engineers, architects, and managers
Tech and security leaders advising on cloud risks and strategies
Practitioners seeking insights on cloud security, automation, threat detection, and GenAI
Don't miss this opportunity to connect, learn, and level up your cloud security game with some of the brightest minds in the industry!

Why You Should Attend CloudSecNext Summit 2025

What Attendees Say

Slide 1 of 4
The Summit is great for those who have direct use/control of Cloud infrastructure. A wealth of information and experiences for those getting into the field and as always, there were great networking opportunities.
Chris Swallow
Slide 2 of 4
Great way to step back from day-to-day security controls to see the transformational themes our industry is facing. There was a good combination of technical talks with actionable tips for the next 30 days, mixed with themes our org will see over the next 3-5 years.
Will Casey
Slide 3 of 4
The Summit provided valuable insight from colleagues in security regarding process tooling, and opportunities that can be encountered in the cloud. The time to network and discuss challenges was invaluable.
Johnny Ray
Slide 4 of 4
The content is stellar, and the opportunities for networking and industry knowledge-sharing are invaluable.
Ricky PullanMicrosoft

Course Note:

Starting in September 2025, SEC488 will transition to a 5-Day course with a remote CTF.

Summit Highlights

Highly Technical Talks and Sessions

The industry's top practitioners will share their latest cloud security techniques, tools, case studies, and solutions.

Summit, Highly Technical Talks & Sessions

One-Of-A-Kind Networking With The Top Minds In Cloud Security

You’ll have the chance to engage with Summit Chairs, speakers, and your peers in the community for deep-dive discussions, and casual chats over breaks, meals, and evening receptions.

Summit Night Out

The days will be filled with the latest in cloud security, but the fun goes up a notch at night for those joining us in Denver.

Solutions Expo Hall

Explore the latest tools and solutions in cloud security.

World-Class SANS Cloud Security Courses

Enhance your knowledge base and add to your toolkit by bundling your Summit experience with a hands-on, immersive course taught by top SANS instructors and course authors.

Register

Summit and Course Registration

from $8,260 USD

In personIncludes

Course: Live Instructor Training with Hands-on Exercises
Summit: Talks, Presentations and Workshops
Summit: Solutions Expo Hall

Select course to Enroll

Live onlineIncludes

Course: Virtual Live Instructor Training with Hands-on Exercises
Summit: Select Talks and Content
Summit: Interactive Chat on Slack

Select course to Enroll

Summit Registration Only

from Free

$525 USD*Prices exclude applicable local taxes

In personIncludes

Free Lunch and Snacks
Summit: Solutions Expo Hall

Attend In PersonLogin to register

Free

Live onlineIncludes

Interactive Chat on Slack
Talks and Sessions

Important Dates

Refund Deadline:: September 17, 2025
Hotel Group Discount Deadline:: September 16, 2025

Courses

Looking for Group Purchasing? Contact Us

Showing 8 of 8

Filter by:

SEC504: Hacker Tools, Techniques, and Incident Handling

SEC504Offensive Operations

GIAC Certified Incident Handler
6 Days
38 CPEs
Mick Douglas

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC522: Application Security: Securing Web Applications, APIs, and Microservices

SEC522Cloud Security

GIAC Certified Web Application Defender
6 Days
36 CPEs
Dr. Johannes Ullrich

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC540: Cloud Native Security and DevSecOps Automation

SEC540Cloud Security

GIAC Cloud Security Automation
5 Days
38 CPEs
Jon Zeolla

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

FOR509: Enterprise Cloud Forensics and Incident Response

FOR509Digital Forensics and Incident Response

GIAC Cloud Forensics Responder
6 Days
36 CPEs
Terrence Williams

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC541: Cloud Security Threat Detection

SEC541Cloud Security

GIAC Cloud Threat Detection
5 Days
30 CPEs
Ryan Thompson

Starts 4 Oct 2025 at 8:30 AM MT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC549: Cloud Security Architecture

SEC549Cloud Security

GIAC Cloud Security Architecture and Design
5 Days
30 CPEs
Simon Vernon

Starts 4 Oct 2025 at 8:30 AM MT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

LDR512: Security Leadership Essentials for Managers

LDR512Cybersecurity Leadership

GIAC Security Leadership
5 Days
30 CPEs
My-Ngoc Nguyen

Starts 4 Oct 2025 at 8:30 AM MT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC502: Cloud Security Tactical Defense

SEC502Cloud Security

GIAC Cloud Security Essentials
5 Days
36 CPEs
Chris Edmundson

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

Summit Chairs

Frank Kim

Venture Advisor

Frank Kim is the Founder of ThinkSec, a security consulting and CISO advisory firm. He leads the Cybersecurity Leadership and Cloud Security curricula at SANS, as well as authors and instructs multiple SANS courses.

Learn more

Eric Johnson

Principal Security Engineer

Eric is a co-founder and principal security engineer at Puma Security focusing on modern static analysis product development and DevSecOps automation. He is co-author and instructor for three SANS Cloud Security courses.

Learn more

Bailey Bercik

Senior Threat Intelligence Analyst

Bailey Bercik is a Senior Threat Intelligence Analyst at Microsoft’s Threat Intelligence Center (MSTIC).

Learn more

Schedule

Summit Dates

Thursday 2nd October & Friday 3rd October

Training Dates

Saturday 4th October - Thursday 9th October

Showing 18 of 35

Filter by:

Select day:

Opening Remarks

Summit Day 108:45AM - 09:00AM MDT

Presented by

Frank Kim

Fellow

Eric Johnson

Fellow

Bailey Bercik

Senior Threat Intelligence Analyst

In-Person

Keynote | Agentic AI: Understanding and Securing the Next Frontier of Intelligent Systems

Imagine giving your intern not just access to your computer, but also your credit card, API keys, and permission to make decisions on your behalf, that's essentially what we're doing with agentic AI. Unlike traditional AI that focus on classification predicting outcomes, these systems actively take actions, use tools, and pursue goals with minimal human oversight. This creates complex new attack vectors: agents can be tricked into transferring funds, manipulated through crafted inputs, sent astray by misinformation and hallucinations from another agent in the chain, or develop unexpected behaviors that sidestep our security assumptions. We'll dive into real-world threat scenarios, explore why traditional security models fall short, and discuss practical approaches for containing and governing the next frontier of intelligent systems.

Summit Day 109:00AM - 09:45AM MDT

Presented by

Diana Kelley

Co-Founder and CTO

In-Person & Virtual

Break

Summit Day 109:45AM - 10:00AM MDT

In-Person

How I Learned to Stop Worrying and Love Vibe Coding: Security Edition

As a security professional, watching AI-generated code seep into production feels like a nightmare. It’s incredibly fast to write and looks convincing—but it’s often wrong.

Summit Day 110:00AM - 10:30AM MDT

Presented by

Jon Zeolla

Certified Instructor

In-Person & Virtual

Defending Against JavaGhost: Preventing Abuse of Your Cloud Environments for Cyber Attacks

Over the last 3 years, Unit 42 has performed multiple investigations relating to the threat actor group "JavaGhost," which targeted organizations’ AWS environments.

Summit Day 110:00AM - 10:30AM MDT

Presented by

Margaret Kelley

Principal Consultant

Virtual

Snakes on a (Control) Plane: Purple Teaming Azure IAM for Threat Detection

Cloud-based identity security is notoriously slippery: every cloud has a different security philosophy and the actions that cloud logs describe are not always easy for a defender to visualize.

Summit Day 110:35AM - 11:05AM MDT

Presented by

Lydia Graslie

Detection Engineer

In-Person & Virtual

How to Successfully Implement a Cloud Security Platform

Over the last 3 years I've led the implementation of multi-cloud security platforms at 3 different UK organisations: OVO Energy, Q-Solution, and The National Archives.

Summit Day 110:35AM - 11:05AM MDT

Presented by

Paul Schwarzenberger

Cloud Security Engineer

Virtual

Cloud-Driven Security: Building a Data Lake and Integrating Agentic Solutions for Real-Time Action

In today's rapidly evolving digital landscape, ensuring robust cloud security is more critical than ever.

Summit Day 111:10AM - 11:40AM MDT

Presented by

Manish Kumar Yadav

Principal Security Architect

In-Person & Virtual

Can GenAI Solve Multicloud Security?

Securing multiple clouds is a daunting task. It typically requires cloud security engineers to have a deep understanding of each cloud's controls. Generative AI (GenAI) offers a promising way to simplify this process.

Summit Day 111:10AM - 11:40AM MDT

Presented by

Brandon Evans

Senior Instructor

Virtual

Securing the Future: Leveraging AI and GenAI in Cloud Security to Combat Emerging Threats

As cloud environments evolve, securing AI-driven and cloud-native workloads has become a paramount challenge.

Summit Day 111:45AM - 12:15PM MDT

Presented by

Advait Patel

Senior Site Reliability Engineer

In-Person & Virtual

IaC and GitOps for Resilient Multi-Cloud Security: Turning Argo CD and Crossplane into Enforcers of Enterprise for Declarative, Automated Governance and Threat Mitigation

The session will help attendees learn how Infrastructure as Code (IaC) and GitOps, powered by Argo CD and Crossplane, can significantly strengthen your multi-cloud security posture through automated, declarative governance and real-time threat mitigation.

Summit Day 111:45AM - 12:15PM MDT

Presented by

Arun Pandiyan Perumal

Site Reliability Engineer

Virtual

Lunch

Summit Day 112:15PM - 01:30PM MDT

In-Person

Handle with Care: The Fragile Reality of Cloud Emergency Access

Break-glass or emergency access accounts represent the last line of defence in cloud environments, reserved for scenarios when identity providers fail, automated systems misfire, or administrators lock themselves out.

Summit Day 101:30PM - 02:00PM MDT

Presented by

Simon Vernon

Certified Instructor

In-Person & Virtual

IaC Meets Reality: Engineering for the Cloud You Actually Have

We all hear it: "Manage your infrastructure as code." But what happens when the reality of multi-account setups, unmanaged settings, and the limitations of your IaC tool start pushing your team toward manual fixes?

Summit Day 102:05PM - 02:35PM MDT

Presented by

Samuel Burgos

Cloud Security Engineer

Andoni Alonso

Cloud Security Engineer

In-Person & Virtual

Break

Summit Day 102:35PM - 02:50PM MDT

Behind the Clicks: What AI Tools in the Cloud Aren’t Telling You

As AI features rapidly roll out across popular cloud tools like Microsoft 365 Copilot, Salesforce Einstein, Grammarly Business, and Zoom’s smart summaries, organizations are unknowingly inheriting risk — not just technical, but regulatory and reputational.

Summit Day 102:50PM - 03:20PM MDT

Presented by

AD Edwards

AI and Cloud Governance Strategist

In-Person & Virtual

Go Jump in a Lake: How a Data Lake Can Help Your Security Program

Back in the olden days, security was done using a SIEM. You plunked down a large sum of money, poured all of your logs (or at least the ones you could afford) into this thing that patiently collected them, then searched it either manually or automatically for threats.

Summit Day 103:25PM - 03:55PM MDT

Presented by

Brian Davis

Principal Software Engineer

In-Person & Virtual

Day 1 Wrap-Up

Summit Day 104:00PM - 04:15PM MDT

In-Person

Opening Remarks

Summit Day 208:45AM - 09:00AM MDT

In-Person

Panel | The Convergence of Cloud and AI: A New Era

Summit Day 209:00AM - 09:45AM MDT

Panelists

Bailey Bercik

Senior Threat Intelligence Analyst

Shaun McCullough

Certified Instructor

Jon Zeolla

Certified Instructor

Terrence Williams

Certified Instructor

In-Person & Virtual

Break

Summit Day 209:45AM - 10:00AM MDT

In-Person

Identity and Access Management (IAM) in the Cloud

As enterprises shift to cloud-based infrastructures, Identity and Access Management (IAM) has become central to securing digital assets.

Summit Day 210:00AM - 10:30AM MDT

Presented by

Neha Prakash

IAM Business Analyst

In-Person & Virtual

Workshop | Level Up Your CI/CD: Building a Secure Pipeline With OSS

What does the "perfect" CI/CD pipeline look like, especially one built with security at its core?

Summit Day 210:00AM - 12:15PM MDT

Presented by

Andoni Alonso

Cloud Security Engineer

Eduardo Simon

Software Engineer

In-Person

Get The Flock Out of My Cloud: Using DuckDB to Detect Spousal Sabotage (in AWS, Azure & GCP)

Insider threat or...Inside of the house?

Cloud security is a serious business, but what happens when the Advanced Persistent Threat shares your Wi-Fi password?

Summit Day 210:35AM - 11:05AM MDT

Presented by

Jared Gore

Cloud Security Engineer

Liz Gore

Director of IT & Operations

In-Person & Virtual

Open FGA in IAM

Authorization is a crucial aspect of securing our application with right controls.

Summit Day 211:10AM - 11:40AM MDT

Presented by

Ramesh Babu

Senior Engineering Manager

In-Person & Virtual

Ghosts to Guardrails: Moving Beyond the Alert Driven Posture

In this talk, we will discuss how we are moving GitHub’s cloud security posture program from an alert-driven to a guardrail-driven environment, the tools we use in AWS and Azure, and the successes and pitfalls of building this program.

Summit Day 211:45AM - 12:15PM MDT

Presented by

Shaun McCullough

Certified Instructor

In-Person & Virtual

Lunch

Summit Day 212:15PM - 01:30PM MDT

In-Person

Agentic AI Workflows in Cybersecurity: Opportunities, Challenges, and Governance via the MCP Model

Agentic AI workflows—autonomous pipelines in which large language models (LLMs) plan, decompose, and execute sequences of tasks—are rapidly being adopted in cybersecurity for threat hunting, incident response, and vulnerability management.

Summit Day 201:30PM - 02:00PM MDT

Presented by

Sri Keerthi Suggu

Senior Cyber Security Engineer

In-Person & Virtual

These Aren't The Providers You Are Looking for: Compromising Pipelines With Evil Terraform

Abstract: As supply chain security continues to evolve in 2025, much of the focus remains on malicious packages in ecosystems like PyPI, NPM, and compromised GitHub Actions workflows. But what about your Terraform modules and providers?

Summit Day 202:05PM - 02:35PM MDT

Presented by

Dakota Riley

Associate Instructor

In-Person & Virtual

Break

Summit Day 202:35PM - 02:50PM MDT

In-Person

Safeguarding Cloud Identities

Cloud Computing is complex and often misunderstood, and Identity Access and Management (IAM) is a major challenge in the cloud.

Summit Day 202:50PM - 03:20PM MDT

Presented by

Lakshmi Gudimella

Senior Manager CyberSecurity

In-Person & Virtual

Amazon S3 Security: 19 Years Later. Why Cloud Data Security is Still Complex to Manage.

Cloud Storage has been around for 19 years. Amazon Simple Storage Service was released in 2006. It's 2025 and cloud data security is still complex to manage.

Summit Day 203:25PM - 03:55PM MDT

Presented by

Jason Kao

Founder

In-Person & Virtual

Day 2 Wrap-Up

Summit Day 204:00PM - 04:15PM MDT

In-Person

SANS@Night: Shifting the Cybersecurity Mindset: Leading Through Risk and Influence for Today's Challenges

As cyber threats grow and evolve, leaders must not only stay informed about emerging trends, but also proactively manage risks and influence organizational culture to build resilience.

Training Event (Sunday)06:30PM - 07:30PM MDT

Presented by

My-Ngoc Nguyen

Principal Instructor

In-Person

SANS@Night: How I Learned to Stop Worrying and Love Vibe Coding

As a security professional, watching AI-generated code seep into production feels like a nightmare. It’s fast and looks good, but often contains bugs and security vulnerabilities.

Training Event (Tuesday)07:30PM - 08:00PM MDT

Presented by

Jon Zeolla

Certified Instructor

In-Person

Embassy Suites by Hilton Denver Downtown

Hotel Special Rates and Reservations

A special discounted rate of $235.00 S/D plus applicable taxes will be honored based on space availability.

A limited number of Government Per Diem rooms at the prevailing rate are available with proper ID.

These rates include Internet in your room and are only available through Tuesday, September 16, 2025.

Complimentary Breakfast and Happy Hour

Enjoy complimentary breakfast and happy hour drinks & snacks when you stay with SANS at the Embassy Suites Denver Downtown.

Book A Reservation Book A Government Per Diem Reservation

3 Reasons To Stay At The Event Venue

Ultimate Convenience
Eliminate the hassle of daily commutes and wasted travel time. You’ll have everything you need—from your training to dining and amenities - all in one centralized, convenient location.
Seamless Networking Opportunities
Stay where the action is! Maximize your chances to connect with fellow cybersecurity professionals and industry leaders - from impromptu conversations in the lobby to exclusive after-hours events.
All Day, All Event Access
SANS live training events include bonus sessions exclusively at the venue. Staying on-site ensures you won’t miss these opportunities to grow your network and engage with peers beyond the conference agenda.

More Information

- Self-Parking: Not available - Valet Parking: $58.00 daily (includes in-and-out privileges.) Available valet-parking is covered and secured. Rates listed are prevailing and subject to change. Alternative Parking Options - SANS recommends researching nearby parking facilities for more affordable options. Some ome popular parking apps that can help you locate and reserve space during your training are SpotHero, ParkMobile, and ParkWhiz. Distances from Nearby Airport - From Denver International Airport (DEN): Approximately 27.5 miles.

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

CloudSecNext Summit & Training 2025

Share

Thank You To Our Sponsors

Secure the Cloud, Secure the Future!

Who Should Attend

What Attendees Say

Course Note:

Summit Highlights

Highly Technical Talks and Sessions

One-Of-A-Kind Networking With The Top Minds In Cloud Security

Summit Night Out

Solutions Expo Hall

World-Class SANS Cloud Security Courses

Register

Summit and Course Registration

Summit Registration Only

Courses

GIAC Certification

Extra 4 Months of Course Access

SEC504: Hacker Tools, Techniques, and Incident Handling

Quick view

SEC522: Application Security: Securing Web Applications, APIs, and Microservices

Quick view

SEC540: Cloud Native Security and DevSecOps Automation

Quick view

FOR509: Enterprise Cloud Forensics and Incident Response

Quick view

SEC541: Cloud Security Threat Detection

Quick view

SEC549: Cloud Security Architecture

Quick view

LDR512: Security Leadership Essentials for Managers

Quick view

SEC502: Cloud Security Tactical Defense

Quick view

Summit Chairs

Frank Kim

Eric Johnson

Bailey Bercik

Schedule

Summit Dates

Training Dates

Opening Remarks

Keynote | Agentic AI: Understanding and Securing the Next Frontier of Intelligent Systems

Break

How I Learned to Stop Worrying and Love Vibe Coding: Security Edition

Defending Against JavaGhost: Preventing Abuse of Your Cloud Environments for Cyber Attacks

Snakes on a (Control) Plane: Purple Teaming Azure IAM for Threat Detection

How to Successfully Implement a Cloud Security Platform

Cloud-Driven Security: Building a Data Lake and Integrating Agentic Solutions for Real-Time Action

Can GenAI Solve Multicloud Security?

Securing the Future: Leveraging AI and GenAI in Cloud Security to Combat Emerging Threats

IaC and GitOps for Resilient Multi-Cloud Security: Turning Argo CD and Crossplane into Enforcers of Enterprise for Declarative, Automated Governance and Threat Mitigation

Lunch

Handle with Care: The Fragile Reality of Cloud Emergency Access

IaC Meets Reality: Engineering for the Cloud You Actually Have

Break

Behind the Clicks: What AI Tools in the Cloud Aren’t Telling You

Go Jump in a Lake: How a Data Lake Can Help Your Security Program

Day 1 Wrap-Up

Opening Remarks

Panel | The Convergence of Cloud and AI: A New Era

Break

Identity and Access Management (IAM) in the Cloud

Workshop | Level Up Your CI/CD: Building a Secure Pipeline With OSS

Get The Flock Out of My Cloud: Using DuckDB to Detect Spousal Sabotage (in AWS, Azure & GCP)

Open FGA in IAM

Ghosts to Guardrails: Moving Beyond the Alert Driven Posture

Lunch

Agentic AI Workflows in Cybersecurity: Opportunities, Challenges, and Governance via the MCP Model

These Aren't The Providers You Are Looking for: Compromising Pipelines With Evil Terraform

Break

Safeguarding Cloud Identities

Amazon S3 Security: 19 Years Later. Why Cloud Data Security is Still Complex to Manage.

Day 2 Wrap-Up

SANS@Night: Shifting the Cybersecurity Mindset: Leading Through Risk and Influence for Today's Challenges

SANS@Night: How I Learned to Stop Worrying and Love Vibe Coding

Embassy Suites by Hilton Denver Downtown

3 Reasons To Stay At The Event Venue