GCP Lateral Movement and Privileged Escalation Spill Over and Updates from Google

Thursday, September 3, 2020

11:00 AM - 12:00 PM PDT

60 minutes, including Q&A

Since giving our Blackhat talk on lateral movement and privilege escalation in GCP Google has announced a few changes. They've released a new blog post that talks about some suggested customer mitigations, as well as roll out a new org policy to prevent privilege escalation in certain roles. I'll do a recap of our Blackhat talk, cover some spill over material we didn't have time to cover, like privilege escalating remote build execution, and generally talk through the updates from Google and how they impact the original attacks we covered.

Brought to you by:


Guest Presenter:

Dylan Ayrey

Security Engineer

Dylan Ayrey is a Security Engineer. He has been heavily involved in the open source community for a few years, and he has been doing his best to bring security practices into the cloud/devsecops world.

Sustaining Partners