DC908 Talk - An End-to-End Framework for Cloud Security

Official DEF CON 908 Meetup. Sibtay S will be giving a talk.

Talk Synopsis:
Cloud environments are dynamic, distributed, and increasingly complex, making comprehensive security more critical than ever. In this session, Sibtay Shah presents a practical, high-level framework for implementing end-to-end cloud security that balances protection with agility.

The talk will walk through the five foundational pillars of cloud security:
1. Data Asset Protection
2. Cloud Asset Protection
3. Identity & Access Management (IAM)
4. Vulnerability Management
5. Network Security

Whether you're just getting started or looking to mature your cloud security strategy, you'll walk away with a mental model to guide decisions, align stakeholders, and reduce risk at scale.

Speaker:
Sibtay Shah is a seasoned Cloud Architect and Software Architect with deep expertise in DevSecOps and cloud security. He regularly shares insights on DevSecOps, secure software delivery, and scaling security in modern cloud environments.

As the founder of 12 Tech, he has provided hands-on cloud architecture and security consulting to Fortune 500 companies. His work spans identity and access management, least privilege enforcement, infrastructure-as-code, and compliance automation across AWS and other cloud providers.

Sibtay is also the creator of T12, a purpose-built, modern cloud security platform which combines CSPM, CIEM, KSPM, and AI-driven remediation into a unified solution focused on real-world cloud misconfigurations and risk.

Schedule:
7:00 - 7:15 - Introductions
7:15 - 8:00 - Talk
8:00 - 8:15 - Socials swap
8:30 - 10:00 - Local restaurant/diner (TBD) for food & drinks

Disclaimer:
You may be included in event photos, which will be uploaded to our socials.