Since giving our Blackhat talk on lateral movement and privilege escalation in GCP Google has announced a few changes. They've released a new blog post that talks about some suggested customer mitigations, as well as roll out a new org policy to prevent privilege escalation in certain roles. I'll do a recap of our Blackhat talk, cover some spill over material we didn't have time to cover, like privilege escalating remote build execution, and generally talk through the updates from Google and how they impact the original attacks we covered.
Dylan Ayrey is a Security Engineer. He has been heavily involved in the open source community for a few years, and he has been doing his best to bring security practices into the cloud/devsecops world.