Scott Piper
@scottpiper.bsky.social
Cloud security historian.
Developed http://flaws.cloud, CloudMapper, and Parliament.
Founding team for fwdcloudsec.org
Principal Cloud Security Researcher at Wiz.
Developed http://flaws.cloud, CloudMapper, and Parliament.
Founding team for fwdcloudsec.org
Principal Cloud Security Researcher at Wiz.
Yuval Avrahami was ranked as the top Azure researcher by Microsoft this quarter! He has made a Kubernetes focused CTF for the Wiz Cloud Security Championship, check it out! cloudsecuritychampionship.com
Also if you can find cloud zero days, check out www.zeroday.cloud with a $4.5M prize pool!
Also if you can find cloud zero days, check out www.zeroday.cloud with a $4.5M prize pool!
October 27, 2025 at 1:47 PM
Yuval Avrahami was ranked as the top Azure researcher by Microsoft this quarter! He has made a Kubernetes focused CTF for the Wiz Cloud Security Championship, check it out! cloudsecuritychampionship.com
Also if you can find cloud zero days, check out www.zeroday.cloud with a $4.5M prize pool!
Also if you can find cloud zero days, check out www.zeroday.cloud with a $4.5M prize pool!
Thank you for sharing. At fwd:cloudsec this year, we also provided transparency into our finances and many other things in our State of the Union address. We similarly pay way too much on food and coffee, but it is somewhat due to how US hotels charge.
www.youtube.com/watch?v=PH6w...
www.youtube.com/watch?v=PH6w...
August 17, 2025 at 12:33 PM
Thank you for sharing. At fwd:cloudsec this year, we also provided transparency into our finances and many other things in our State of the Union address. We similarly pay way too much on food and coffee, but it is somewhat due to how US hotels charge.
www.youtube.com/watch?v=PH6w...
www.youtube.com/watch?v=PH6w...
Folks coming to fwd:cloudsec, my face looks different: I have a beard. Come find me and let's chat about the new CTF I put together. lnkd.in/geRrC3aN
June 27, 2025 at 3:04 PM
Folks coming to fwd:cloudsec, my face looks different: I have a beard. Come find me and let's chat about the new CTF I put together. lnkd.in/geRrC3aN
It's surprising to see a talk at re:Invent about multi-cloud and stating that you should have a plan to exit a cloud. 😮 It is a vendor talk from a multicloud company, but still unexpected to me. www.youtube.com/watch?v=PpIF...
December 8, 2024 at 6:36 PM
It's surprising to see a talk at re:Invent about multi-cloud and stating that you should have a plan to exit a cloud. 😮 It is a vendor talk from a multicloud company, but still unexpected to me. www.youtube.com/watch?v=PpIF...
My friends at The Duckbill Group are doing their annual charity t-shirt drive. This year it's about being force-fed AI. Proceeds go to 826national.org. I've put together a commercial for it. Buy the t-shirt! 💪 store.lastweekinaws.com
November 11, 2024 at 4:27 PM
My friends at The Duckbill Group are doing their annual charity t-shirt drive. This year it's about being force-fed AI. Proceeds go to 826national.org. I've put together a commercial for it. Buy the t-shirt! 💪 store.lastweekinaws.com
More things to do in SLC if you're attending #KubeCon:
- For those who celebrate Exploding Whale Day on Nov 12, I do not know of any local celebrations, but there is a majestic whale sculpture near 9th and 9th to look at.
- For those who celebrate Exploding Whale Day on Nov 12, I do not know of any local celebrations, but there is a majestic whale sculpture near 9th and 9th to look at.
November 8, 2024 at 8:36 PM
More things to do in SLC if you're attending #KubeCon:
- For those who celebrate Exploding Whale Day on Nov 12, I do not know of any local celebrations, but there is a majestic whale sculpture near 9th and 9th to look at.
- For those who celebrate Exploding Whale Day on Nov 12, I do not know of any local celebrations, but there is a majestic whale sculpture near 9th and 9th to look at.
If you're looking to add genAI to a product, Amitai and Barak have put together guidance, based on the PEACH framework, for avoiding security issues. https://www.wiz.io/blog/genai-tenant-isolation
June 28, 2023 at 5:26 PM
If you're looking to add genAI to a product, Amitai and Barak have put together guidance, based on the PEACH framework, for avoiding security issues. https://www.wiz.io/blog/genai-tenant-isolation
Wiz does a monthly podcast of top security news called "Crying out Cloud", and I appeared as a guest. Check it out.
- YouTube https://www.youtube.com/watch?v=vURBP9ueP5s
- Spotify https://open.spotify.com/episode/0VY9SGV0NJuFT7i21k1vtb?si=HYdYwWrASD2KKqPim29tEQ&nd=1
- YouTube https://www.youtube.com/watch?v=vURBP9ueP5s
- Spotify https://open.spotify.com/episode/0VY9SGV0NJuFT7i21k1vtb?si=HYdYwWrASD2KKqPim29tEQ&nd=1
June 26, 2023 at 8:21 PM
Wiz does a monthly podcast of top security news called "Crying out Cloud", and I appeared as a guest. Check it out.
- YouTube https://www.youtube.com/watch?v=vURBP9ueP5s
- Spotify https://open.spotify.com/episode/0VY9SGV0NJuFT7i21k1vtb?si=HYdYwWrASD2KKqPim29tEQ&nd=1
- YouTube https://www.youtube.com/watch?v=vURBP9ueP5s
- Spotify https://open.spotify.com/episode/0VY9SGV0NJuFT7i21k1vtb?si=HYdYwWrASD2KKqPim29tEQ&nd=1
Interesting stats from USAA in their re:Inforce talk on AWS data perimeters: 85% of cross-org calls are to S3, and 70% of those S3 calls are to buckets owned by AWS.
June 22, 2023 at 4:14 AM
Interesting stats from USAA in their re:Inforce talk on AWS data perimeters: 85% of cross-org calls are to S3, and 70% of those S3 calls are to buckets owned by AWS.
June 8, 2023 at 3:56 AM
TIL the Internet Archive has built-in diffing, so I've diff'd my favorite page, the AWS Service Terms. https://web.archive.org/web/diff/20230531191851/20230428162747/https://aws.amazon.com/service-terms/
May 31, 2023 at 7:45 PM
TIL the Internet Archive has built-in diffing, so I've diff'd my favorite page, the AWS Service Terms. https://web.archive.org/web/diff/20230531191851/20230428162747/https://aws.amazon.com/service-terms/