BSides Chicago 2025: Operationalizing Identity Risk In Cloud-Native Environments
Blog post from GitGuardian
BSides Chicago 2025, held at the Hilton Chicago with around 700 attendees, explored the evolving importance of identity in cybersecurity, particularly within cloud and hybrid infrastructures. Speakers emphasized that both human and non-human identities are crucial control points in security, with adversaries exploiting identity chains and cloud control planes for stealthy attacks. Scott Hawk highlighted how attackers leverage low-privilege credentials to escalate privileges using techniques like vishing and SIM swapping, while Nikos Vourdas discussed the risks associated with service principals in Azure environments. Pulkit Garg and Jie Wu noted vulnerabilities in Kubernetes configurations that could lead to identity abuse and control-plane breaches. The overarching theme was a shift from traditional network defenses to a focus on identity management, with advocacy for context-aware IAM, deception technologies like honeytokens, and rigorous monitoring of both human and machine identities to mitigate risks in a rapidly changing digital landscape.