This talk dives into how I built FlareGuard, a serverless tool that audits cloud security configurations using just public APIs and YAML — no dashboards, no vendors, no sales pitches.

I’ll walk you through the end-to-end journey of building this tool using edge runtimes (like Cloudflare Workers), mapping configurations to NIST controls, and catching real misconfigurations in production environments.

You’ll learn:
• Why traditional CSPM tools often overpromise and underdeliver
• How I used YAML-defined baselines and edge code to close security gaps
• How to turn platform APIs into proactive security audits

If you’ve ever thought “I could build a simpler version of this,” this talk is for you.

No fluff. No FUD. Just real engineering for defenders.