SANS 2022 Cloud Security Exchange

SANS 2022 Cloud Security Exchange: Partnering with top cloud platform providers to help you make the cloud a safer place.

For the first time, the SANS 2022 Cloud Security Exchange event brings technical security leaders from Google Cloud Platform (GCP) and Microsoft Azure together in one forum to share their perspectives on building cloud security programs and best practices on key security pillars. Independent technical experts from SANS Institute will be paired with these cloud security provider leaders to share solutions to problems that enterprises encounter in the increasingly multi-cloud environment.

This event will be simultaneously live streamed in Portuguese, and Spanish. Also, Japanese will be available in OnDemand format.

Can't join us live? We've got you covered, register now and you will be notified when the OnDemand recording will be available for you to revisit as your schedule permits, including all the languages!


Proudly Sponsored By


The 2022 Cloud Security Exchange will feature:

  • Engaging Talks - With 3 engaging presentations and our interactive panel discussion, this event features the Cloud Security industry's best and brightest subject matter experts. Gain insight on today's best practices for protecting your cloud environment against potential attacks and explore the latest available capabilities.
  • We Want to Hear from You - Leading up to this event, we will send poll questions to our audience via our interactive Slack workspace to take the audience's temperature on hot topics circulating Cloud Security professionals. During the event, we will touch on some of these poll questions and your responses to shed light on what is important to you!
  • Networking Opportunities - This event is designed to make the cloud a safer place. Connect with fellow cyber professionals from around the world, share your experiences and pain points, and forge or deepen new connections with people who have the same end goal in mind.

Agenda | August 25th | 11:00 AM - 3:15 PM

All Times Shown in Eastern Daylight Time (EDT)



11:00 AM

SANS Welcome 
Frank Kim, SANS Fellow

11:15 AM

Opening Comments
Diana Kelley & Ed Moyle, Co-Founders Security Curve

11:30 AM

Building a Foundational Cloud Security Strategy in Google Cloud

As more organizations embrace cloud migration, security operations and architecture teams are facing new challenges. We largely moved past the days of “lift and shift,” where many traditional on-premises security controls and processes are copied without much analysis to the cloud. Now we’re evolving into a much more cloud-native phase where highly agile teams are building complex and more interconnected applications than ever, using native technologies built by cloud providers. Nowhere is this more true than in Google Cloud, embracing the theme “always be innovating”.

This session will help enterprise security teams build a sound operational security strategy in Google Cloud, starting with threat modeling to help determine where and how to focus best. Then we’ll explore best practices for implementing strong security capabilities in all three pillars within Google Cloud, leaving attendees with a guide for building and operating their own security architecture within the Google Cloud Platform that grows with them as their cloud footprint expands.

Dr. Anton Chuvakin, Leader of the security solution strategy at Google Cloud & Dave Shackleford, SANS Senior Instructor 

12:15 PM

Blue Skies and Clouds

Is identity the new perimeter? When we use a Virtual Private Network (VPN), what is it that we use to gain access? Identity. In essence, Identity is the center point of our systems and when it comes to the cloud, that concept is supercharged. Microsoft has a rich history in Identity and Authentication. It is without question that when your organization needs to use a Microsoft Service, identity will be involved. How can attackers subvert your security controls and gain access to your environment? How can you detect unauthorized access efficiently and effectively? What can you do to regain and retain control of your environment following an incident?

This session will look at attackers and how they will attempt to subvert these systems, and what can occur in both Azure Active Directory and the Azure Platform itself. Using real life examples, we will provide best practice recommendations and insights into how these incidents occurred. Learning from use these cases with an eye to best practices will help prepare you with best practices for potential attacks.

Dr. Roberto Bamberger, Senior Principal Consultant in Microsoft’s Detection and Response Team (DaRT) & Moses Frost, SANS Senior Instructor

1:00 PM


1:15 PM

Top 3 Cloud Security Weaknesses, Misunderstandings, and Mitigations

Many of the threats the industry faces in the cloud can be combatted with secure cloud configuration and tooling. Unfortunately, because the service landscape contains hundreds of cloud services, security practitioners are overwhelmed and underinformed. Their job gets even harder in a multicloud environment, where seemingly small differences between the clouds have immense security implications. 

This session will cover the top cloud security weaknesses the panelists have observed in 2022, the attacks that exploit them, the misunderstandings that make defense more difficult, and the correct mitigations to use in the Big 3 Cloud providers.

Brandon Evans, SANS Certified Instructor, Pierre Lidome,  SANS Certified Instructor Candidate, AJ Yawn, SANS Instructor & Aaron Cure, SANS Certified Instructor

2:00 PM

Cloud Security Exchange Panel Discussion
Moderator- Diana Kelley & Ed Moyle, Panelists - Dr. Anton ChuvakinDr. Roberto Bamberger, Brandon Evans & AJ Yawn

3:00 PM

Closing Remarks

Frank Kim, SANS Fellow