CloudSecNext Summit & Training 2025

Thu, Oct 2 - Thu, Oct 9, 2025
8 Courses
12 CPEs (Summit Only)
English

Embassy Suites by Hilton Denver Downtown & Virtual (MT)

1420 Stout Street, Denver, CO 80202

Jump to:

Event Highlights
Courses
Speakers
Schedule
Location

Secure the Cloud, Secure the Future!

As organizations continue to leverage cloud services for enterprise workloads as well as newer GenAI use cases security professionals need to deal with new risks, threats, and issues.

Join us for CloudSecNext, where top experts and real-world practitioners will share insights, case studies, and hands-on technical training to help you build and maintain a secure cloud infrastructure.

Slide 1 of 2
Slide 2 of 2

Who Should Attend

Security professionals who are responsible for securing public cloud infrastructure and service
Cloud security analysts, engineers, architects, and managers
Tech and security leaders advising on cloud risks and strategies
Practitioners seeking insights on cloud security, automation, threat detection, and GenAI
Don't miss this opportunity to connect, learn, and level up your cloud security game with some of the brightest minds in the industry!

Why You Should Attend CloudSecNext Summit 2025

What Attendees Say

Slide 1 of 4
The Summit is great for those who have direct use/control of Cloud infrastructure. A wealth of information and experiences for those getting into the field and as always, there were great networking opportunities.
Chris Swallow
Slide 2 of 4
Great way to step back from day-to-day security controls to see the transformational themes our industry is facing. There was a good combination of technical talks with actionable tips for the next 30 days, mixed with themes our org will see over the next 3-5 years.
Will Casey
Slide 3 of 4
The Summit provided valuable insight from colleagues in security regarding process tooling, and opportunities that can be encountered in the cloud. The time to network and discuss challenges was invaluable.
Johnny Ray
Slide 4 of 4
The content is stellar, and the opportunities for networking and industry knowledge-sharing are invaluable.
Ricky PullanMicrosoft

Course Note:

Starting in September 2025, SEC488 will transition to a 5-Day course with a remote CTF.

Summit Highlights

Highly Technical Talks and Sessions

The industry's top practitioners will share their latest cloud security techniques, tools, case studies, and solutions.

Summit, Highly Technical Talks & Sessions

One-Of-A-Kind Networking With The Top Minds In Cloud Security

You’ll have the chance to engage with Summit Chairs, speakers, and your peers in the community for deep-dive discussions, and casual chats over breaks, meals, and evening receptions.

Summit Night Out

The days will be filled with the latest in cloud security, but the fun goes up a notch at night for those joining us in Denver.

Solutions Expo Hall

Explore the latest tools and solutions in cloud security.

World-Class SANS Cloud Security Courses

Enhance your knowledge base and add to your toolkit by bundling your Summit experience with a hands-on, immersive course taught by top SANS instructors and course authors.

Register

Summit and Course Registration

from $8,260 USD

In personIncludes

Course: Live Instructor Training with Hands-on Exercises
Summit: Talks, Presentations and Workshops
Summit: Solutions Expo Hall

Select course to Enroll

Live onlineIncludes

Course: Virtual Live Instructor Training with Hands-on Exercises
Summit: Select Talks and Content
Summit: Interactive Chat on Slack

Select course to Enroll

Summit Registration Only

from Free

$525 USD*Prices exclude applicable local taxes

In personIncludes

Free Lunch and Snacks
Summit: Solutions Expo Hall

Attend In PersonLogin to register

Free

Live onlineIncludes

Interactive Chat on Slack
Talks and Sessions

Important Dates

Refund Deadline:: September 17, 2025
Hotel Group Discount Deadline:: September 9, 2025

Courses

Looking for Group Purchasing? Contact Us

Showing 8 of 8

Filter by:

SEC504: Hacker Tools, Techniques, and Incident Handling

SEC504Offensive Operations

GIAC Certified Incident Handler
6 Days
38 CPEs
Mick Douglas

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC522: Application Security: Securing Web Applications, APIs, and Microservices

SEC522Cloud Security

GIAC Certified Web Application Defender
6 Days
36 CPEs
Dr. Johannes Ullrich

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC540: Cloud Native Security and DevSecOps Automation

SEC540Cloud Security

GIAC Cloud Security Automation
5 Days
38 CPEs
Jon Zeolla

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

FOR509: Enterprise Cloud Forensics and Incident Response

FOR509Digital Forensics and Incident Response

GIAC Cloud Forensics Responder
6 Days
36 CPEs
Terrence Williams

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC541: Cloud Security Threat Detection

SEC541Cloud Security

GIAC Cloud Threat Detection
5 Days
30 CPEs
Ryan Thompson

Starts 4 Oct 2025 at 8:30 AM MT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC549: Cloud Security Architecture

SEC549Cloud Security

GIAC Cloud Security Architecture and Design
5 Days
30 CPEs
Simon Vernon

Starts 4 Oct 2025 at 8:30 AM MT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

LDR512: Security Leadership Essentials for Managers

LDR512Cybersecurity Leadership

GIAC Security Leadership
5 Days
30 CPEs
My-Ngoc Nguyen

Starts 4 Oct 2025 at 8:30 AM MT
$8,260 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

SEC502: Cloud Security Tactical Defense

SEC502Cloud Security

GIAC Cloud Security Essentials
5 Days
36 CPEs
Chris Edmundson

Starts 4 Oct 2025 at 8:30 AM MT
$8,780 USD (Course)
$999 USD (Certification)
*Prices exclude applicable local taxes

View course details

Summit Chairs

Frank Kim

Venture Advisor

Frank Kim is the Founder of ThinkSec, a security consulting and CISO advisory firm. He leads the Cybersecurity Leadership and Cloud Security curricula at SANS, as well as authors and instructs multiple SANS courses.

Learn more

Eric Johnson

Principal Security Engineer

Eric is a co-founder and principal security engineer at Puma Security focusing on modern static analysis product development and DevSecOps automation. He is co-author and instructor for three SANS Cloud Security courses.

Learn more

Bailey Bercik

Senior Threat Intelligence Analyst

Bailey Bercik is a Senior Threat Intelligence Analyst at Microsoft’s Threat Intelligence Center (MSTIC).

Learn more

Schedule

Summit Dates

Thursday 2nd October & Friday 3rd October

Training Dates

Saturday 4th October - Thursday 9th October

Showing 18 of 34

Filter by:

Select day:

Opening Remarks

Summit Day 108:45AM - 09:00AM MDT

Presented by

Frank Kim

Fellow

Eric Johnson

Fellow

Bailey Bercik

Senior Threat Intelligence Analyst

In-Person

Keynote | To Be Announced

Summit Day 109:00AM - 09:45AM MDT

In-Person & Virtual

Break

Summit Day 109:45AM - 10:00AM MDT

In-Person

How I Learned to Stop Worrying and Love Vibe Coding: Security Edition

As a security professional, watching AI-generated code seep into production feels like a nightmare. It’s incredibly fast to write and looks convincing—but it’s often wrong.

Summit Day 110:00AM - 10:30AM MDT

Presented by

Jon Zeolla

Certified Instructor

In-Person & Virtual

Defending Against JavaGhost: Preventing Abuse of Your Cloud Environments for Cyber Attacks

Over the last 3 years, Unit 42 has performed multiple investigations relating to the threat actor group "JavaGhost," which targeted organizations’ AWS environments.

Summit Day 110:00AM - 10:30AM MDT

Presented by

Margaret Kelley

Principal Consultant

Virtual

Snakes on a (Control) Plane: Purple Teaming Azure IAM for Threat Detection

Cloud-based identity security is notoriously slippery: every cloud has a different security philosophy and the actions that cloud logs describe are not always easy for a defender to visualize.

Summit Day 110:35AM - 11:05AM MDT

Presented by

Lydia Graslie

Detection Engineer

In-Person & Virtual

How to Successfully Implement a Cloud Security Platform

Over the last 3 years I've led the implementation of multi-cloud security platforms at 3 different UK organisations: OVO Energy, Q-Solution, and The National Archives.

Summit Day 110:35AM - 11:05AM MDT

Presented by

Paul Schwarzenberger

Cloud Security Engineer

Virtual

Cloud-Driven Security: Building a Data Lake and Integrating Agentic Solutions for Real-Time Action

In today's rapidly evolving digital landscape, ensuring robust cloud security is more critical than ever.

Summit Day 111:10AM - 11:40AM MDT

Presented by

Manish Kumar Yadav

Principal Security Architect

In-Person & Virtual

Guardians of the Cloud: From Stealth to Security at Scale

As organizations expand their cloud footprint, securing this dynamic environment becomes increasingly complex and critical.

Summit Day 111:10AM - 11:40AM MDT

Presented by

Shivam Dhar

VP - Lead Security Engineer

Virtual

Securing the Future: Leveraging AI and GenAI in Cloud Security to Combat Emerging Threats

As cloud environments evolve, securing AI-driven and cloud-native workloads has become a paramount challenge.

Summit Day 111:45AM - 12:15PM MDT

Presented by

Advait Patel

Senior Site Reliability Engineer

In-Person & Virtual

IaC and GitOps for Resilient Multi-Cloud Security: Turning Argo CD and Crossplane into Enforcers of Enterprise for Declarative, Automated Governance and Threat Mitigation

The session will help attendees learn how Infrastructure as Code (IaC) and GitOps, powered by Argo CD and Crossplane, can significantly strengthen your multi-cloud security posture through automated, declarative governance and real-time threat mitigation.

Summit Day 111:45AM - 12:15PM MDT

Presented by

Arun Pandiyan Perumal

Site Reliability Engineer

Virtual

Lunch

Summit Day 112:15PM - 01:30PM MDT

In-Person

To Be Announced

Summit Day 101:30PM - 02:00PM MDT

In-Person & Virtual

IaC Meets Reality: Engineering for the Cloud You Actually Have

We all hear it: "Manage your infrastructure as code." But what happens when the reality of multi-account setups, unmanaged settings, and the limitations of your IaC tool start pushing your team toward manual fixes?

Summit Day 102:05PM - 02:35PM MDT

Presented by

Samuel Burgos

Cloud Security Engineer

Andoni Alonso

Cloud Security Engineer

In-Person & Virtual

Break

Summit Day 102:35PM - 02:50PM MDT

Behind the Clicks: What AI Tools in the Cloud Aren’t Telling You

As AI features rapidly roll out across popular cloud tools like Microsoft 365 Copilot, Salesforce Einstein, Grammarly Business, and Zoom’s smart summaries, organizations are unknowingly inheriting risk — not just technical, but regulatory and reputational.

Summit Day 102:50PM - 03:20PM MDT

Presented by

AD Edwards

AI and Cloud Governance Strategist

In-Person & Virtual

Go Jump in a Lake: How a Data Lake Can Help Your Security Program

Back in the olden days, security was done using a SIEM. You plunked down a large sum of money, poured all of your logs (or at least the ones you could afford) into this thing that patiently collected them, then searched it either manually or automatically for threats.

Summit Day 103:25PM - 03:55PM MDT

Presented by

Brian Davis

Principal Software Engineer

In-Person & Virtual