CLOUD VILLAGE @ RSA 2025

Cloud village is an open space to meet folks interested in offensive and defensive aspects of cloud security.


About

The village is home to various activities like talks, workshops, CTFs and discussions targeted around cloud services.

If you are a professional looking to gain knowledge on securely maintaining the cloud stack, and you love being around like-minded security folks who share a similar zeal for the community, Cloud Village is the perfect place for you.

This year Cloud Village will be in-person at Yerba Buena Center for the Arts for RSA Conference 2025. We will be bringing in our amazing-as-always Capture the Flag Event on Cloud Security. Stay Tuned!

Hope to see you all there!

Schedule

Cloud Village | Sandbox at YBCA, Gallery 2

11:00 – 11:35

Cloud Reconnaissance: AI and Monitoring Edition

Jason Haddix

Abstract: Last year at DEFCON your friendly neighborhood bug hunters released a tool to scan entire cloud ranges to find assets related to a target.

This year at RSA Jason will be showcasing new tools in the reconnaissance arsenal that can help both blue team and red team in their respective domains. In addition, he’ll be showing workflows and methodology for reconnaissance on cloud assets that were formerly manual but can now be automated via AI assistance.

11:35 – 12:10

From Cell to Shell - Abusing SageMaker AI Notebooks

Shani Peled

Abstract:

AWS SageMaker makes it easy to start working with machine learning in the cloud — but that convenience can come at a steep security cost. This talk takes a close look at SageMaker’s Quick Setup mode, a one-click path to launching notebooks that thousands of users rely on for ease of use. While it lowers the barrier for data scientists, it also creates dangerous defaults that attackers can abuse.

We’ll demonstrate how the default SageMaker execution role, provisioned automatically during quick setup, often grants overly broad permissions across critical AWS services. This role, designed for comfort and speed, becomes a powerful pivot point when accessed from within a notebook instance.

From a single code cell, an attacker can:

  • Escalate privileges within the AWS environment
  • Establish durable backdoors and exfiltrate sensitive data
  • Enumerate and access other resources
  • Abuse model endpoints and lifecycle configurations to maintain persistence
  • Move laterally into services like S3, ECR, Lambda, and CloudWatch
  • Leverage cloud permissions to pivot into identity systems and perform IdP takeover

This talk will walk through multiple real-world-inspired attack paths, chaining together SageMaker features and common misconfigurations to demonstrate how exploitation can unfold in practice. Using live PoCs and concrete examples, we’ll break down each step — from initial access in a notebook to full account compromise.

We'll also cover:

  • Why these issues are widespread in enterprise ML environments
  • How to identify risky default setups and over-permissive roles
  • Detection strategies using logs, CloudTrail, and behavior analysis
  • Defense techniques including IAM hardening, network isolation, and policy-based controls

Whether you're a security engineer, red teamer, or cloud architect, this session will shed light on an under-explored and increasingly critical attack surface. You’ll walk away with a clearer understanding of how machine learning platforms like SageMaker can introduce infrastructure-wide risks when deployed with default settings.

From uncovering privilege escalation paths to recognizing how an attacker can chain SageMaker features for persistence, lateral movement, and identity compromise — this talk will challenge common trust assumptions around managed ML services and empower you to secure them with confidence.
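The abstract above centres on the execution role that quick setup attaches to a notebook and on how to identify over-permissive roles. As an added, defender-side example that is not part of the talk and not an AWS tool, the script below audits IAM policy documents for the two patterns that make such a role a pivot point: wildcard actions (`*` or `service:*`) and actions on sensitive services granted against `Resource: "*"`. The sample policy is constructed to show the shape of an over-broad notebook role; it is not AWS's actual managed policy. The optional boto3 loader at the end assumes credentials with `iam:Get*`/`iam:List*` on the role and is the only part that touches the network.

```python
"""Audit IAM policy documents for over-broad grants (added example).

Pure-Python check over policy JSON; the optional loader at the bottom
pulls a role's attached and inline policies with boto3 so the same check
can be run against a real SageMaker execution role.
"""
import json

# Services where a broad grant from inside a notebook is a pivot candidate.
SENSITIVE_SERVICES = {"iam", "sts", "s3", "lambda", "ecr", "logs", "secretsmanager"}

# Constructed sample: shaped like an over-permissive quick-setup role,
# NOT the real AmazonSageMaker managed policy.
SAMPLE_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "sagemaker:*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"], "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*",
         "Condition": {"StringEquals": {"iam:PassedToService": "sagemaker.amazonaws.com"}}},
        # Properly scoped: no finding expected.
        {"Effect": "Allow", "Action": "logs:CreateLogGroup",
         "Resource": "arn:aws:logs:us-east-1:123456789012:*"},
    ],
}


def _as_list(value):
    """IAM allows a string or a list in Action/Resource; normalise to list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def audit_policy(policy):
    """Return one finding dict per over-broad Allow grant in a policy document."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        resources = _as_list(stmt.get("Resource"))
        any_resource = "*" in resources
        conditioned = "Condition" in stmt  # a Condition narrows, but does not remove, the grant
        if "NotAction" in stmt:
            # Allow + NotAction grants everything not listed; always worth a look.
            findings.append({"statement": idx, "action": "NotAction",
                             "reason": "NotAction grant (everything not listed)",
                             "conditioned": conditioned})
            continue
        for action in _as_list(stmt.get("Action")):
            service, _, verb = action.partition(":")
            if action == "*" or verb == "*":
                reason = "wildcard action"
            elif any_resource and service in SENSITIVE_SERVICES:
                reason = "sensitive action on Resource *"
            else:
                continue
            findings.append({"statement": idx, "action": action,
                             "reason": reason, "conditioned": conditioned})
    return findings


def load_role_policies(role_name):
    """Fetch attached + inline policy documents for a role via boto3 (network).

    Requires iam:ListAttachedRolePolicies, iam:GetPolicy, iam:GetPolicyVersion,
    iam:ListRolePolicies and iam:GetRolePolicy on the caller's credentials.
    """
    import boto3  # imported here so the offline audit needs no AWS SDK
    iam = boto3.client("iam")
    docs = {}
    for att in iam.list_attached_role_policies(RoleName=role_name)["AttachedPolicies"]:
        version = iam.get_policy(PolicyArn=att["PolicyArn"])["Policy"]["DefaultVersionId"]
        docs[att["PolicyName"]] = iam.get_policy_version(
            PolicyArn=att["PolicyArn"], VersionId=version)["PolicyVersion"]["Document"]
    for name in iam.list_role_policies(RoleName=role_name)["PolicyNames"]:
        docs[name] = iam.get_role_policy(RoleName=role_name, PolicyName=name)["PolicyDocument"]
    return docs


if __name__ == "__main__":
    # Offline run over the constructed sample; pass a role name to audit a real one,
    # e.g. python audit.py AmazonSageMaker-ExecutionRole-PLACEHOLDER
    import sys
    policies = ({"sample": SAMPLE_ROLE_POLICY} if len(sys.argv) < 2
                else load_role_policies(sys.argv[1]))
    for name, doc in policies.items():
        for f in audit_policy(doc):
            print(name, json.dumps(f))
```

On the constructed sample the audit reports four grants: `sagemaker:*` as a wildcard action, `s3:GetObject` and `s3:PutObject` against every bucket, and `iam:PassRole` against every role (flagged even though a `Condition` narrows it, since the condition still has to be reviewed). The scoped `logs:CreateLogGroup` statement is not reported. Some read-only actions (for example `ecr:GetAuthorizationToken`) legitimately require `Resource: "*"`, so treat findings as review candidates rather than verdicts.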

12:10 – 12:45

SquarePhish 2.0 – Turning QRCodes into Single Sign-On Primary Refresh Tokens

Tool Demo by Nevada Romsdahl and Kam Talebzadeh

Abstract:

SquarePhish is an advanced phishing tool that uses a technique combining the OAuth 2.0 Device Code Authentication Flow and QR codes. Version 2.0 of the tool introduces phishing for Primary Refresh Tokens — Microsoft’s Single Sign-On token. This token gives attackers broad access to Microsoft cloud resources.

In the demo, we will cover QR codes, Device Code OAuth 2.0 Flow, FOCI tokens, Primary Refresh Tokens, and putting it all together for advanced phishing attacks. The intent of our tool is to give red teamers and organizations a way to test detection and prevention capabilities.

Outline:

  • Introduction to Device Code Phishing
    • Evolution of phishing techniques and their current relevance
    • Recent increase in threat actor adoption
    • Overview of advancements in token exploitation techniques
  • OAuth Authentication Fundamentals
    • OAuth 2.0 authorization framework overview
    • Device code flow explanation and legitimate use cases
    • Access tokens vs. refresh tokens: purpose and security implications
  • QR Codes in Phishing Attacks
    • How QR codes facilitate social engineering
    • Advantages over traditional phishing links
    • User psychology and trust in QR authentication processes
  • Microsoft Token Ecosystem
    • Family of Client ID (FOCI) explanation
    • Primary Refresh Tokens (PRTs): the ultimate persistence goal
    • Token relationships and privilege escalation paths
  • SquarePhish Tool Demo
    • Architecture and components overview
    • Decoupling initial contact from authentication flow
    • Overcoming the 15-minute timeout limitation
    • Two-phase email approach
    • Demonstration of the email and server modules
    • Configuration and customization options
  • New SquarePhish Techniques (New Additions)
    • Broker authentication client phishing implementation and template
    • Automatic registration of Primary Refresh Tokens
  • Detection and Prevention Strategies
    • Detection via logging and SIEM rules
    • Conditional Access policies to mitigate device code attacks
    • Disable device code flow
    • User awareness training specific to QR phishing

12:45 – 13:20

Browser Native Ransomware in a CloudFirst World

Sponsored Talk by Audrey Adeline

Abstract:

This talk will discuss Browser/Cloud Native Ransomware, a new class of ransomware that targets cloud-native storage and SaaS apps. Residing completely in the browser, these new-age ransomwares involve neither file downloads nor local processes, rendering them completely undetectable by EDRs and anti-ransomware solutions.

We will be discussing the impact of browser-native ransomware on enterprises in a cloud-first world and why most organizations are unequipped to defend against such attacks due to the limitations of SASE/SSE, endpoint DLP, and EDR technologies.

As more data is being stored in the cloud, this new threat vector poses a critical risk to enterprises that utilize any form of cloud services.

13:20 – 13:55

Machine Identity & Attack Path: The Danger of Misconfigurations

Filipi Pires

Abstract:

In today's rapidly evolving digital landscape, security within multi-cloud environments is more critical than ever. This talk aims to illuminate the complex challenges and emerging threats presented by multi-cloud setups, focusing specifically on attack paths and machine identity management.

Attendees will gain a comprehensive understanding of how attackers exploit vulnerabilities and improperly implemented security measures across cloud platforms. By delving into the intricacies of attack vectors and the pivotal role of machine identities, this presentation will provide actionable insights for fortifying cloud infrastructures.

The session will showcase the power of open-source tools—SecBridge, Cartography, and AWSPX—in enhancing the security posture of multi-cloud environments. Participants will learn how these tools can effectively map environments, visualize IAM permissions, and improve tool integrations to secure their cloud operations.

Whether you're a cybersecurity professional, cloud architect, or IT manager, this discussion will equip you with the knowledge and strategies needed to safeguard your organization's digital assets in a complex multi-cloud world. Join us to explore innovative solutions that address the pressing security needs of today's cloud ecosystems.

Outline:

  • Introduction
    • Brief overview of the complexities in securing multi-cloud environments.
  • Key Concepts
    • Attack Vector: Methods or pathways used by attackers to infiltrate a system.
    • Attack Surface: The sum of all possible points of entry for unauthorized access.
    • Machine Identity: Digital identities used by machines to authenticate and communicate securely.
  • Understanding Attack Path
    • Definition and significance of tracking potential attacker routes within cloud environments.
  • Graph Mode Visualization
    • Using graph-based tools to map and understand complex environments and attack paths.
  • Attack Exploitation in Multi-Cloud Environments
    • How attackers exploit vulnerabilities across different cloud platforms.
  • Cloud-Specific Attacks
    • AWS Attacks: Common vulnerabilities and exploitation tactics in AWS.
    • OCI Attacks: Security challenges and attack strategies specific to Oracle Cloud Infrastructure.
    • GCP Attacks: Vulnerabilities and attack methods targeting Google Cloud Platform.
    • Azure Attacks: Typical attack vectors within Microsoft Azure environments.
  • Mitigation Strategies
    • Best practices and tools for securing multi-cloud infrastructures.
    • Role of open-source tools like Cartography, AWSPX, and SecBridge in enhancing security.
  • Conclusion
    • Summarize key takeaways and encourage proactive security measures in multi-cloud setups.

13:55 – 14:30

No Click Ops, No Chaos: Crafting Secure Infrastructure as Code Pipelines

Ashish Patel and Victor Chen

Abstract:

Infrastructure as Code (IaC) allows teams to move fast, but without security built into both the code and the CI/CD pipeline, it introduces serious risks. In this talk, we’ll show how security practitioners can use Terraform CDK to integrate guardrails directly into deployment pipelines and infrastructure code.

We’ll walk through real-world examples of tested methods to reduce manual misconfigurations, improve security without slowing down development, and avoid common pitfalls. By the end of the talk, you'll have a clear understanding of how to implement security best practices in Terraform CDK while keeping your infrastructure efficient and resilient.

In July of 2024, the speakers published a blog post featured in tl;dr sec, detailing their approach to building a security-first pipeline for developers to deploy infrastructure using Terraform CDK. This talk will expand on that post with a detailed walkthrough of the steps taken, best practices implemented, and how teams of any scale can achieve similar results.

We will cover both the considerations and implementation of the following:

  • Designing and structuring your infrastructure repositories in a secure and scalable way
  • Building reusable modules that enable self-service while embedding essential security controls by default
  • Removing direct infra admin access from developers to enforce use of IaC and minimize manual intervention
  • Why Terraform CDK was selected over standard HCL workflows and how that decision shaped the pipeline
  • Techniques for making pipelines tamper-resistant, audit-friendly, and approval-gated—backed by SCPs and organizational controls

Throughout the session, we’ll share code examples and demonstrate how we ensured developers could build securely without inadvertently introducing risk into the environment.

Condensed Outline:

  • Section 1: Pipeline Design (5 mins)
    • Organizing infrastructure repositories and environments (e.g., dev, staging, prod)
    • Choosing your TACOS provider (Terraform Automation and Collaboration Software)
  • Section 2: Modularizing Your Infra Securely (15 mins)
    • Identifying key cloud resources requiring secure default configurations
    • Tag enforcement and team-based service mapping
  • Section 3: Deployment and Day-to-Day Use (15 mins)
    • Default protections to prevent abuse of IaC-created resources
    • Code ownership and approval workflows for changes
    • GitHub Actions enhancements to catch bad pushes in real-time

14:30 – 15:05

Go Jump in a Lake: How a Data Lake Can Help Your Security Program

Brian Davis

Abstract:

Back in the olden days, security was done using a SIEM. You plunked down a large sum of money, poured all of your logs (or at least the ones you could afford) into this thing that patiently collected them, then searched it either manually or automatically for threats. Over time, this concept evolved into EDR and XDR which provided a more targeted effort to identify threats — but the need to store raw logs never really went away.

Instead, our applications grew more and more complex, involving on-prem servers, cloud servers, serverless functions, containers, container orchestrators, and complicated networking to wire these things together. As this mountain of data (which is useful for finding threats) grew, so did the challenge of storing it all within a SIEM.

In recent years, the concept of using data lakes to hold all of this data has started to become more prominent; but what the heck is a data lake? How is this different from a SIEM? Why is it that this “magical panacea” suddenly appeared as an option to the alternatives?

This talk intends to demystify the concept of a data lake — explaining what it is, how it works, and even how to build one! More importantly, however, it explains the usefulness of a data lake as a tool in your security operations tool belt and how it enables you to gain greater visibility across the new technologies that you’re adding into your system on a daily basis.

11:00 – 11:35

Beyond Configuration Perfection: Redefining “Cloud Security”

Kat Traxler

Abstract:

While achieving perfect cloud configuration is a laudable goal, it's ultimately a Sisyphean task. Organizations often focus relentlessly on rectifying misconfigurations to prevent breaches, mirroring the flawed belief that a secure environment is achieved through least privilege alone.

This presentation uses lessons from behavioral economic theory to challenge the prevailing fixation on configuration perfection and advocates for a diversified cloud security strategy. We’ll examine how misleading metrics reinforce bias, and what it looks like to think slower and more deliberatively to realize better cloud security.

11:35 – 11:55

How LLMs Are Solving Terraform Vulnerabilities — And How They Compare

Lightning Talk by Edouard Viot

Abstract:

Infrastructure-as-Code (IaC) is a double-edged sword: it empowers developers to move fast and scale cloud environments, but also introduces subtle misconfigurations that can lead to major security risks. As the industry shifts left, large language models (LLMs) are emerging as powerful tools to detect and remediate Terraform vulnerabilities. But how well do they actually perform — and can they be trusted in production?

In this talk, we share the results of an in-depth evaluation of multiple open-source and proprietary LLMs on real-world Terraform security issues. We built a custom benchmark dataset of vulnerable Terraform snippets covering a wide range of misconfigurations, from overly permissive IAM policies to publicly exposed resources. Each sample is annotated with expected fixes and relevant context.

To compare models, we created a fully automated evaluation pipeline that scores LLM outputs based on semantic correctness, security effectiveness, and syntactic validity.

We also explore how inference techniques — such as prompt engineering, few-shot learning, and retrieval-augmented generation — can significantly boost model performance. More importantly, we introduce an agentic remediation framework, where the model operates iteratively to give better results.

11:55 – 12:30

Shadow SaaS in a CloudFirst World

Sponsored Talk by John Carse

Abstract:

This presentation focuses on the challenges and risks associated with Shadow SaaS in modern enterprises. As organizations increasingly adopt cloud computing, with IT spending shifting toward public cloud services, Software-as-a-Service (SaaS) has gained popularity for its speed, cost-effectiveness, and innovation cycles.

Shadow SaaS refers to unauthorized or unsanctioned SaaS applications used by employees without IT’s approval. The talk explores why Shadow SaaS is prevalent — including ease of access, productivity pressures, and lack of awareness — and explains how it differs from “Business-led IT,” where technology initiatives are intentional and aligned with organizational goals.

We’ll also examine the evolving role of the browser as the new endpoint and the growing need for browser-native security — especially as enterprises rely more heavily on web applications, browser extensions, and user-driven cloud workflows.

The session highlights key risks posed by Shadow SaaS, including data leakage, uncontrolled sharing, and the use of unsanctioned GenAI tools. Supporting statistics will demonstrate the scale of the issue, such as the percentage of SaaS apps outside IT control and the rate at which sensitive information is entered into generative tools.

The presentation concludes with actionable strategies for mitigating Shadow SaaS risks, empowering IT and security teams to regain control without hindering innovation or agility.

12:30 – 13:05

Hidden Risks of Cloud Supply Chains: Securing Third‑Party Integrations

Aamiruddin Syed

Abstract:

This talk explores the overlooked vulnerabilities in cloud supply chains—specifically third-party integrations like CI/CD tools, APIs, and dependencies—and demonstrates how attackers exploit them to breach cloud environments. Through a live attack demo and original research, we’ll reveal practical defenses, including SBOM adoption and runtime security, to help the cloud community secure their stacks collaboratively.

Third-party integrations are the lifeblood of cloud-native development, powering everything from SaaS tools to automated CI/CD pipelines and open-source libraries. Yet, as organizations race to innovate, these dependencies have become a critical blind spot, exposing cloud environments to supply chain attacks reminiscent of SolarWinds and Codecov. This talk, rooted in a year-long research effort, unveils the hidden risks lurking in cloud supply chains and arms attendees with both offensive insights and defensive strategies to safeguard their deployments.

We begin by dissecting real-world incidents that highlight the diverse entry points attackers exploit. For instance, in the 2025 Coinbase reviewdog GitHub Action attack, adversaries poisoned the reviewdog/action-setup@v1 tag, targeting the tj-actions/changed-files workflow and introducing a malicious commit to manipulate Coinbase’s pipeline. This case, alongside others like misconfigured API tokens and unvetted IaC templates, underscores the fragility of third-party integrations.

In a live demo, we’ll simulate a sophisticated attack: injecting malicious code into an AWS pipeline via a rogue third-party dependency, escalating privileges to exfiltrate data from an S3 bucket, and pivoting across a multi-cloud environment. Attendees will see firsthand how seemingly benign integrations can unravel an entire security posture.

But this isn’t just about the breach—it’s about building resilience. Leveraging fresh survey data from 200+ cloud-native organizations, we’ll reveal the alarming scope of third-party sprawl and its security implications: 73% of respondents rely on over 50 external tools, yet fewer than 20% audit them regularly.

From there, we pivot to a community-driven defense playbook. We’ll walk through generating SBOMs with tools like Syft and Trivy to map dependency risks, deploying runtime container security with Falco to detect anomalies, and implementing a vendor risk scoring system to prioritize mitigation efforts.

A hands-on segment will showcase how to lock down a cloud pipeline using AWS IAM roles, Secrets Manager, and WAF rules—all while maintaining DevOps velocity.

13:10 – 15:10

Kubernetes Security: Hands On Attack and Defense

Workshop by Lenin Alevski

Abstract:

Kubernetes is the de facto operating system of the cloud, and more and more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, new users may introduce security risks like cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.

This workshop will teach you the fundamentals of Kubernetes security, from protecting your cluster to securing your workloads. You'll learn about RBAC, OPA, Security Contexts, Network Policies, and other security features. You'll also learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.

This workshop is designed for both beginners and advanced students. By the end of the workshop, you'll have a deep understanding of Kubernetes security and the skills to protect your clusters and workloads.

Outline:

  • Kubernetes Security talk: ~40 mins
  • Q/A for intro talk: 10 mins
  • Break: 10 mins
  • Hands-On Attack and Defense workshop: 3 hrs
    • Abusing docker for privilege escalation
    • Container escape
    • Create New Kubernetes Cluster Using Kind
    • Explore Kubectl Command
    • Explore k9s To Manage Your Cluster
    • Deploy Kubernetes Workload
    • Get a Shell to a Running Container
    • ConfigMaps & Secrets
    • Namespaces
    • Pod Security Context
    • Kubernetes certificate authority
    • Pod resource limits
    • Scratch Containers
    • Service Account Token
    • Network Security Policies With Calico
    • kube-bench: CIS Kubernetes Benchmark
    • kube-hunter: Hunt for security weaknesses in Kubernetes clusters
    • kube-linter: Check Kubernetes YAML files and Helm charts
    • terrascan: Static code analyzer for Infrastructure as Code
    • kubeaudit: Audit your Kubernetes clusters against common security controls
    • Challenge 1: NFT Museum
    • Challenge 2: Network debugging console

This workshop is based on my open-source labs published at https://github.com/Alevsk/dvka

Cloud Village CTF

CTF start - 28th April 9:30 AM PT

CTF close - 1st May 6:00 PT

Ready to press start?

Step into Arcade in the Clouds — our Capture the Flag experience inspired by classic arcade chaos! Whether you're a button-mashing beginner or a cloud-hopping boss slayer, this CTF is packed with pixel-powered puzzles, nostalgic vibes, and cloud-native challenges.

Navigate tricky challenges, each one crafted to test your skill, curiosity, and cloud-fu. Expect rabbit holes, unexpected warp zones, and the sweet satisfaction of that final flag drop.

Play solo or co-op, and remember: there are no quarters here, only clouds to conquer.

Insert brain. Press start. We’ll see you on the leaderboard.