We've locked in dates and venues for the North American (NA) and European (EU) fwd:cloudsec conferences this year!
fwd:cloudsec NA will be in the Seattle, Washington area at the Meydenbauer Center in Bellevue on June 1 and 2. 🧵
-hacks4pancakes- • 1d The reason the good faith seniors on here are posting that the junior / mid level market is bad (it is) is because we have watched it crash in real time and a lotta of us are dealing with serious fallout as both hiring managers or mentors. It's genuinely a good faith warning. It's not like, "don't get into the field we love". It's just that for a really long time you could get into cybersecurity with no degree and no IT experience because the demand was so high. And schools, influencers, and parents still play it off that it's like that. That people can work full time remote and make 80k entry salary. It's not. It hasn't been for a couple years. We've been hit by "professionalizing" and oversaturation of graduates. Can you still get in with a sec+, a kali box and a dream? Maybe, if you really meet the right people and get lucky. Pragmatically though, that won't be the case for 99.9% of young people now, and if we care at all we need to counter the "everything is rosy" message people are using to sell boot camps. We are getting hundreds of cybersecurity grads and laid off professionals with work rights applying for positions. How can organizations even take the time to look beyond that at hundreds more juniors with no degree, criminal convictions, a GED, needing a' v sponsor, etc?
You really need to take it seriously and make yourself a top candidate. And these days to be competitive you typically need a bachelors, certs, and some hands on IT work experience. You need a very good professional network. That's not true of every case. People will get lucky. Or they'll have a security clearance or live in the right remote place for an in person only job. It happens. Not often. The best thing we can do is try to enforce that they need to work seriously hard and have solid professional credentials. TLDR we aren't all assholes; some of us are trying to save 20yos from falling for Uncle Bob putting them in a bootcamp to make an easy six figures.
Ask your employer tomorrow why they operate an official account on the Twitter/X web service that built a child sexual assault materials generation machine & why they tacitly approve of pedophilia. Have your fellow employees ask the same question.
NEW: They kept saying they were gonna do it and now they've done it
A group of clowns (Senators) have introduced a bill to FULLY REPEAL Section 230.
No reform, no replacement, just utter destruction of all online free speech.
We can't let this happen. Share & take action
www.badinternetbills.com
Remember ReadOnlyAccess still lets users see things they shouldn’t if the access isn’t scoped correctly.
This meeting could have been an email. #tech #informationtechnology #infosec #cybersecurity #cloudsecurity
AWS RCP vs SCP #cloudsecurity #cybersecurity #tech #aws #cloudengineer
Anyone using skylight yet?
I laughed way too hard at this
Tough choice because of so many great talks but my favorite talk of #fwdcloudsec25 day 1 was “ECS-cape – Hijacking IAM Privileges in Amazon ECS” by Naor Haziz. Very interesting and eye opening to see how easily ECS task roles can use the creds of other tasks running on the same host. #AWSecs
Picture of opening talk of the fwd:cloudsec conference in Denver 2025.
Happy #fwdcloudsec day!!
#cloudsecurity
Check out the talks that have been accepted for fwd:cloudsec! Also, there are still tickets available for the conference! It's happening June 30-July 1 in Denver. fwdcloudsec.org/conference/n...
The fact that I’m kinda scared of retaliation from signing this really says a lot about where we are in the US right now. So bad on so many levels.
Right now there are a lot of new eyes on Signal, and not all of them are familiar with secure messaging and its nuances. Which means there’s misinfo flying around that might drive people away from Signal and private communications. 1/
So is Wiz going to prioritize RFE’s that involve GCP now? 👀
Why is container security always roped in with cloud security? I feel like they are way different
When you go to create a new AWS account to use for a personal AWS Org and realize that you created an AWS account 4 years ago and forgot about it..😅😅
Also I’m local to Denver, so if anyone wants to hangout or needs recommendations please reach out!
Ticket secured! Can’t wait!!
Unless they are also just reposting from X.
Yeah good question. But @trailblazers.bsky.social seems pretty official. And I feel like I have seen some other NBA teams on here.
Yesss, please start posting here too!
“Everything is going to be everything” - wise words of my 3 yr old. #CyberTipOfTheDay
Really cool and interesting read on how Bluesky started and how it was built. Love it!
AWS is on fire with the releases this year, specifically recently🔥 So many practical changes and security enhancements.
