Dive into the world of cloud security with this 40-minute conference talk from Security BSides London. Explore the findings from a Blue/Red Team security simulation focused on securing cloud delivery pipelines. Learn about the current state of cloud security, essential tooling, and strategies to defend against advanced, motivated attackers. Discover real-world examples through case studies like Tin Tulip and The Creative Licensing Agency. Gain insights on implementing trusted pipelines, utilizing accounts as bulkheads, and improving architecture for enhanced security. Examine the importance of code review and adopt best practices and processes to strengthen your cloud delivery pipeline. Conclude with actionable takeaways and access to valuable repositories for further exploration and implementation.