Bailey Bercik

CloudSecNext Summit & Training 2025 - Cyber security training courses | SANS Institute The CloudSecNext Summit & Training brings together real-world user experiences and case studies, and practical, technical training oriented on specific approaches and skills for building and maintaini...

I’m excited to co-chair the SANS CloudSecNext Summit this year. Our Call for Presentations just opened, and we’re looking forward to hearing your talks October 2-3 in Denver, Colorado!

www.sans.org/cyber-securi...

Episode #109 is out! We speak to guest @baileybercik.bsky.social about the problem of over permissioning and how to use Microsoft Entra Permissions Management to identify and manage over-permissioned identities. Also, the news.

How has least privilege changed in 2025?

@BaileyBercik.bsky.social talks on RunAs Radio at https://buff.ly/3WcEjQ7 about Entra Permissions Management and more to help you implement least privilege rules in your systems!

It also dives deep on building GenAI apps with a Retrieval-Augmented Generation (RAG) framework and appropriate scenarios for AI agents. Really neat stuff and fun to play around with. Super excited to see this course evolve and more security content in the GenAI space evolve.

I learned a TON about AWS Bedrock and Kubernetes which I don't get to explore in my day to day. I loved that the course emphasizes how to defend against prompt injection, data poisoning, and model provided key breaches.

Earlier this week, I was invited to participate in the Alpha run of SANS SEC545: GenAI and LLM Application Security. Getting to be one of the first to see this content was a huge honor. For y’all who are interested, their Beta kicks off on January 21st: www.sans.org/cyber-securi...

Applies to explaining lots of specialty career paths, like tech/info sec.

YouTube video by SANS Cloud Security Best Practices for How to Manage All Your Access from the Cloud

Linking out the talk directly for those who are interested. We cover best practices and break down how to practically secure Gen AI apps in a vendor neutral way youtu.be/wIGevut8o7A?...

Honored that the governance for #GenerativeAI talk @jeftek.com and I gave at SANS was listed in the top 17 SANS talks of 2024 out of 300 total presentations! www.sans.org/blog/top-san...

YouTube video by Microsoft Community Learning How attackers can use applications for sustained persistence and how to find it - September 2021

First, if you aren't familiar with oAuth application consent, we did a few sessions on this topic a few years ago. You can watch the one @baileybercik.bsky.social and I did www.youtube.com/watch?v=oqb3.... Start by checking what your current application permissions are. /2

YouTube video by SANS Cloud Security Best Practices for How to Manage All Your Access from the Cloud

It was my pleasure to share the stage with @baileybercik.bsky.social at #SANS Institute #CloudSecNext where we were able to present on the importance of governance controls in the cloud & AI era. www.youtube.com/watch?v=wIGe... #microsoft #entra #identity #security

Hello world!