Availability, scalability, agility, and automation - "The Cloud" brings all of these to your fingertips. Improperly configured, it can also be a security incident waiting to happen. In this talk, we'll cover open source tools to help paint a current, accurate picture of your cloud security posture, share some insight from first-hand experience, and show examples of how you can use this approach within your organization. Matt Nash works in a variety of realms, including internal/external network infrastructure, cloud architecture, web applications, automated teller machines (ATMs), physical security, social engineering, digital forensics and incident response, and wireless. As well, these assessments span a number of industries: oil and gas energy, utility, manufacturing, software development, financial, and retail. With more infrastructure and resources moving into "the cloud", at a staggering pace, building a skillset in large-scale cloud review was an obvious choice. Matt holds a B.S. in Food and Resource Economics, and is totally qualified to speak on this topic.