CSOH Guest Speakers

Credentialed practitioners present at the Friday Cloud Security Office Hours sessions on a vendor-neutral, no-sales-pitch basis. Here is how the program works and how to pitch a talk.

· · Community · View source on GitHub

Cloud Security Office Hours is a free, vendor-neutral community. A big part of what makes the Friday sessions worth showing up for is the guest speakers: working practitioners who walk through something real they built, broke, defended, or investigated. This page explains how the guest-speaker program works, what a good CSOH talk looks like, where to find the archive, and how to pitch a session of your own.

It is written for two people: the practitioner deciding whether they have something worth presenting, and the attendee who wants to understand why the talks tend to be more honest than a typical conference track. If you have shipped something in cloud security and can explain the parts that did not go to plan, you probably have a talk.

On this page

  1. The guest-speaker program
  2. What makes a good CSOH talk
  3. The no-sales-pitch rule
  4. Where to find archived talks
  5. How the recap archive captures each session
  6. Pitch a talk

The guest-speaker program

Every Friday session reserves time for a guest speaker or a hands-on walk-through led by a member of the community. The bar is simple: you are a credentialed practitioner - meaning you do this work, not just talk about it - and you have a topic that a room of cloud security engineers, architects, and responders would learn something concrete from.

Speakers are not paid, and there is no keynote-industrial-complex booking process. Most talks come from people who were in the audience a few weeks earlier, mentioned something they were wrestling with, and got asked to present it. Some are seasoned architects and incident responders; some are early-career folks who solved one problem unusually well. Both are welcome. Depth of a single real story beats breadth of a survey talk almost every time.

Format is flexible. A 20-minute demo, a 40-minute deep dive, a live walk-through of a portfolio project, or a post-incident retrospective all fit. If you are newer to speaking, this is a low-stakes room to start in - it is a community, not a stage.

What makes a good CSOH talk

The best CSOH talks share a few traits. They are specific, they are honest about tradeoffs, and they leave the audience able to do something they could not do before.

Good topics span the whole field: IAM blast-radius reduction, incident response in a specific cloud, CI/CD supply-chain hardening, AI and ML security, cloud pentesting findings, or building a cloud SOC from scratch. If it taught you something, it can teach the room.

The no-sales-pitch rule

CSOH is vendor-neutral, and guest talks are held to that standard strictly. You are welcome to discuss the tools you actually use, including commercial ones, and to be honest about why - that is real practitioner context. What does not fly is a pitch: a talk whose real purpose is to sell a product, a slide deck that reads like a booth, or a demo that conveniently only shows the happy path.

The test is simple. If an attendee could swap your employer's product for a competitor's and the lesson would still hold, you are teaching. If the lesson collapses without your specific product, it is a pitch. Name tools when it helps the audience, disclose your affiliation plainly, and compare fairly. Vendors and vendor employees do speak here (the site's author works at a security vendor and holds to the same rule); they just do it as practitioners sharing what they learned, not as a sales motion. If you want the fuller reasoning behind the neutrality stance, the FAQ and community page cover it.

Where to find archived talks

Past talks and slide decks live on the presentations archive. That is the place to browse what has been covered, borrow a structure for your own session, or catch a talk you missed. Because the room is vendor-neutral and practitioner-led, the archive is a genuinely useful survey of how working teams approach cloud security across AWS, Azure, and Google Cloud.

Before you pitch, it is worth skimming the archive for two reasons: to avoid duplicating a topic that was recently covered well, and to see the level of specificity the room expects. If a subject has been presented before but you have a materially different take - a different provider, a different scale, a lesson learned since - that is not a duplicate, it is a follow-up, and follow-ups are welcome.

How the recap archive captures each session

Slides only tell part of the story. The discussion around a talk - the questions, the war stories, the "actually, we hit that too" moments - is often where the real value is. That gets captured in the recap archive.

Every session is written up in the meetings archive: a short, honest recap of what was presented, the topics that came up, and the threads worth following. The recaps deliberately drop administrative chatter and keep the substance, so you can scan a year of Fridays in an afternoon and find the session that matches whatever you are working on right now. For a speaker, the recap is also a durable record of your talk that keeps pointing people back to it long after the session ends.

Between the presentations archive for the material and the meetings archive for the conversation, most of what happens in a session outlives the hour it took place in.

Pitch a talk

If you have a topic, pitching is deliberately low-friction. There is no committee and no formal call for papers. The two things that help most are a one-line description of your talk and a sentence on why you are the person to give it - what you actually did.

Start on the present a talk page, which walks through the format options, timing, and what to send. Or skip straight to email:

To: admin@csoh.org
Subject: CSOH talk pitch - [your topic]

What I want to present (1-2 sentences):
Why me / what I actually did:
Rough length: 20 or 40 minutes
Any dates I cannot do:

You can reach the same address directly at admin@csoh.org. First-time speakers are actively encouraged - if you are nervous about it, say so, and we will keep the format friendly. The community grows when new people share what they have learned, so if you have been on the fence, this is the nudge.

Where next

Ready to move? Browse the presentations archive to see past talks, skim the meetings archive for session recaps, and read the present a talk page when you are ready to pitch. New to CSOH? Start with the sessions overview and the community page, and check the FAQ if you still have questions.