Sponsored by: AWS

Speaker: Jerry Jones IV

Abstract:

This workshop covers core AWS security concepts through practical, guided exercises. You'll gain experience with the most important AWS security services while learning how to establish compliance monitoring and audit logging frameworks while operating on AWS.

Speaker Bio:

Jerry Jones IV is an Associate Delivery Consultant – Security at Amazon Web Services, where he specializes in helping customers architect and implement secure, compliant cloud solutions. With extensive experience spanning federal cybersecurity, cloud security architecture, and AI/ML implementations, Jerry brings a unique perspective on building resilient systems that meet rigorous regulatory requirements. 

Prior to joining AWS, Jerry served as an Information System Security Officer at the U.S. Department of Education, where he led complex Authorization to Operate (ATO) efforts for mission-critical systems, successfully navigating the transition from NIST 800-53 rev4 to rev5 and managing cybersecurity operations for systems with budgets exceeding $5 million. His federal service also includes roles at the Federal Deposit Insurance Corporation, where he administered the agency's Cyber Security Assessment and Management (CSAM) tool and guided authorization efforts across 19 diverse divisions, and the U.S. Department of Agriculture, where he contributed to cloud migration strategies and high-value asset protection. 

Jerry's technical expertise spans cloud architecture, security automation, and AI/ML integration. He has designed and deployed enterprise-grade solutions including centralized backup and logging strategies for AWS Organizations, multi-account governance frameworks, and automated security baselines that ensure consistent compliance across distributed environments.

Speakers: Albin Vattakattu & Ryan Nolette

Abstract:

Cloud services power nearly every digital experience today. As these services become increasingly critical to our customers' operations, identifying and responsibly disclosing vulnerabilities is essential to maintaining their trust. This session examines how we approach security research in cloud environments, from initial discovery through coordinated disclosure and customer protection. 

We'll walk through the complete lifecycle: how security researchers evaluate cloud services for vulnerabilities, what makes cloud security research unique compared to traditional software testing, and how we work backwards from customer impact to prioritize remediation. You'll see real-world examples of vulnerabilities discovered in AWS services, understand what makes a high-quality security report, and learn how we balance transparency with giving organizations time to protect their customers. 

Key topics include the research methodology for cloud environments, Coordinated Vulnerability Disclosure (CVD) best practices, how AWS prioritizes and remediates findings, embargo period management, and our partnership approach with the security research community. This session demonstrates our commitment to security as job zero and shows how collaboration with researchers helps us better serve and protect our customers.

Speaker Bio(s):

Albin Vattakattu

Albin leads the global Vulnerability Disclosure Program (VDP) for Amazon Web Services (AWS). With over a decade of expertise in large-scale network and application security, he previously spearheaded incident response teams across North and South America. Albin holds a Master’s degree in cybersecurity from New York University (NYU) and maintains multiple industry-leading certifications.

Ryan Nolette

Ryan is AWS's Senior Security Engineer for the Outreach Team and CoAuthor of AWS Detective. He has previously held a variety of roles including threat research, incident response consulting, and every level of security operations. With almost 2 decades in the infosec field, Ryan has been on the development and operations side of companies such as Postman, Sqrrl, Carbon Black, Crossbeam Systems, SecureWorks and Fidelity Investments. Ryan has been an active speaker and writer on threat hunting and endpoint security. 

Speakers: Angad Mehata, Bhagavan Bollina & Jainil Malaviya

Abstract:

Human-in-the-loop approval is the primary safety control for enterprise AI agents. When an agent requests permission to delete files or run queries, we trust that what we approve will execute. This assumption is wrong.

This talk exposes TOCTOU (Time-of-Check to Time-of-Use) vulnerabilities in agent approval workflows. We demonstrate how attackers can modify agent actions after user approval but before execution, causing unauthorized operations even with human oversight.

We introduce agent-action-trust, an open-source library that cryptographically binds approvals to actions using content hashing and digital signatures. If an action is modified after approval, execution is automatically blocked.

Speaker Bio(s):

Angad is a security practitioner focused on AI Agent identity system security.

Panelists: TBD, TBD, TBD

Panelists: TBD, TBD, TBD

Speaker: Marc Raphael

Abstract:

As we move from chatting with AI to letting AI do things for us, a trend known as Vibe Coding, the security stakes have never been higher. When we give an AI agent the power to run commands on a computer, we are giving a digital intern a master key to our systems. If that intern is easily tricked, your data is at risk.

This beginner friendly, hands-on workshop is a laboratory for the curious. We will build a simple autonomous agent that can read files and act on its own. Then you will learn the dark art of Indirect Prompt Injection to see how easy it is to hijack an agent and turn it against its owner. Finally we will switch to defense. We will show you how to build digital cages and guardrails to keep your AI assistants helpful and harmless. No advanced coding or AI background is required. Just bring a laptop and an inquisitive mind.

Pre-requisites:

Security beginners, IT professionals, and curious developers.  No prior AI experience is necessary. 

A laptop with a web browser.

Access to a cloud based LLM tool or local equivalent.

Basic understanding of how to create a text file.

Speaker Bio:

Marc Raphael is a Cybersecurity Architect and the founder of 911Cyber, a firm specializing in high stakes incident response. Over the last three years, he has led the integration of AI agents into modern Security Operations Centers to automate complex defense tasks. Through this frontline experience, he has witnessed firsthand how autonomous agents can be compromised to wreak havoc on an organization’s infrastructure.

By combining his background in traditional incident response with cutting edge AI orchestration, he provides a unique perspective on the "execution gap" in agentic security. He is dedicated to helping organizations adopt AI automation without sacrificing their security posture.