The honest version: CSOH grew up around a single weekly Zoom. That's still the centerpiece. But people kept asking the obvious question โ "where do I ask a question on a Tuesday?" โ so we run a private Signal group chat for the community in between sessions. It's not posted publicly on purpose; we'd rather you join after a Friday Zoom or a quick email exchange than have it ingested by every recruiter scraper on the internet.
๐ On this page
Signal group chat (the async one)
This is the answer to "I have a cloud security question on a random weekday afternoon โ where do I ask?" A small, vetted Signal group chat run by the same people who show up Friday. End-to-end encrypted, low-noise, members-only.
How to get the invite
Two paths, both deliberately low-friction-for-humans, high-friction-for-bots:
- Email admin@csoh.org with the subject "Signal chat invite." A one-line note about who you are is appreciated but not required. We'll send the invite link back.
- Or join the next Friday Zoom โ the invite link gets dropped in the Zoom chat at some point during the session. Show up, copy the link, you're in.
What it's for
- "Has anyone seen this GuardDuty finding before?" / "Why is this IAM policy not behaving how I expect?"
- Sharing breaking news, vendor advisories, and links worth a quick look
- Asking the kind of "I feel dumb asking this" question you wouldn't open a Zoom for
- Loose discussion of upcoming Friday topics, recent breaches, certs, jobs
What it's not for
- Vendor pitches or recruiting blasts (we'll remove and ban without warning โ it's why we keep the chat off the public web)
- Sharing confidential customer data or internal incident details from your employer
- Anything that would violate the code of conduct
Friday Zoom is the heart of CSOH โ but the conversation doesn’t have to wait until Friday. โ why we run a Signal chat too
Friday Zoom (the live one)
The original CSOH surface and still the best one. Every Friday, 7am PT / 10am ET. Free, vendor-neutral, no marketing. Half presentation, half open discussion. It's the easiest way to meet the regulars and become one.
Register on the CSOH mailing list to get the calendar invite, or visit the sessions page for details and the recording archive. Recap notes for past sessions live on the meeting recaps page.
Mailing list (the broadcast one)
One-way: we send you the Zoom calendar reminder and occasional updates. We don't send marketing and we don't share the list. Sign up here.
GitHub (the contributor one)
The site itself is open-source on GitHub. Open an issue, file a PR, or just lurk.
- Suggest a resource: see the add a resource guide โ no coding required.
- Improve content: typo fixes, broken links, better explanations โ all welcome via PR. See the contribute overview.
- Build a feature: the site is plain HTML/CSS/JS with no build step. A great low-friction first open-source contribution if you've never made one.
Conferences & meetups (the in-person ones)
Cloud security is a small field; you'll keep running into the same faces if you go. We keep a curated conferences directory with the events most CSOH regulars attend โ fwd:cloudsec, BSides cities, DEF CON Cloud Village, RSA, Re:Invent's security sessions, and the relevant SANS / Microsoft / Google events.
Community etiquette
Same on every surface, lightly enforced because the community polices itself well:
- Vendor-neutral. Pitches, sales follow-ups, "have you considered our solution" comments โ out. Discussing tools you've used and how they performed is in.
- No recruiting blasts. Sharing a specific role you're hiring for is fine occasionally; using the chat as a sourcing channel isn't.
- Don't share employer-confidential data. Anonymize details; describe the shape of the problem, not the customer.
- Be kind to beginners. Most of us were new to cloud security less recently than we like to admit.
- The full code of conduct applies.
Where next
- Friday Zoom sessions โ register here.
- Email for the Signal invite.
- Contribute to the site on GitHub.
- Careers guide โ many of the most useful career conversations happen first in the Signal chat or Friday Zoom.