Google Cloud IAP - A Pentester Viewpoint
Cloud Security Podcast26 Heinä 2023

Google Cloud IAP - A Pentester Viewpoint

Google Cloud Security Assessment from a pentester's lens. Anjali from NotSoSecure will be sharing her research into Google Cloud IAP & finding ways to assess the use of Google Cloud IAP in your environment and what are some of the low hanging fruits that you can remove today to reduce any potential risk from the service to your Google Cloud environment.


Episode YouTube Video Link


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠)

Guest Socials: Anjali S's Linkedin (Anjali S)

Podcast Twitter - ⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠Cloud Security Newsletter

- ⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠⁠⁠snyk.io/csp⁠⁠⁠⁠⁠


(00:00) Introduction

(04:31) A bit about Anjali Shukla

(05:23) What is GCP IAP?

(07:18) Why is IAP so important?

(09:55) IAP and Identity Federation

(11:34) SSH vs Jump Box

(13:57) GCP IAP vs AWS Cognito

(16:22) Misconfigurations in GCP IAP

(23:17) Potential security scenarios

(25:45) Cloud Security Assessment in GCP

(28:13) Doing your own cloud security assessment

(30:49) The Fun Questions


See you at the next episode!


Jaksot(345)

WHAT IS CYBER RESILIENCY IN CLOUD?

WHAT IS CYBER RESILIENCY IN CLOUD?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Chris Hughes (Linkedin - Chris Hughes) & Dr. Nikki Robinson (Linkedin @dr-nikki-robinson) are the host of Resilient Cyber Podca...

25 Heinä 202138min

AWS Security - Managing Threat Detection and Response

AWS Security - Managing Threat Detection and Response

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ely Khan (@elykahn) is the Principal Product Manager at AWS (@AWS). Episode ShowNotes, Links and Transcript on Cloud Security P...

21 Heinä 202146min

Cloud Security RoadMap - Scott Piper

Cloud Security RoadMap - Scott Piper

In this episode of the Virtual Coffee with Ashish edition, we spoke with Scott Piper (@0xdabbad00) is a AWS Security Legend who has written AWS Security tools for the community and among other things ...

18 Heinä 20211h 4min

Comparing Cloud Security Tools - CWPP, CSPM, CASB & CNAPP

Comparing Cloud Security Tools - CWPP, CSPM, CASB & CNAPP

In this episode of the Virtual Coffee with Ashish edition, we spoke with Patrick Pushor (@CloudChronicle) is the Technical Evangelist at Orca Security (@OrcaSec). Episode ShowNotes, Links and Transcri...

11 Heinä 202149min

Cloud Infrastructure Security at Scale - Netflix

Cloud Infrastructure Security at Scale - Netflix

In this episode of the Virtual Coffee with Ashish edition, we spoke with Srinath Kuruvadi (@Srinath Kuruvadi) is the Head of Cloud Infrastructure Security at Netflix (@Netflix). Episode ShowNotes, Lin...

4 Heinä 202149min

Hacker Valley Studio - ExIST Framework to reach Peak Performance in CyberSecurity

Hacker Valley Studio - ExIST Framework to reach Peak Performance in CyberSecurity

In this episode of the Virtual Coffee with Ashish edition, we spoke with Chris Cochran (@chriscochrcyber) and Ronald Eddings (@ronaldeddings) are the host of a CyberSecurity Podcast called Hacker Vall...

27 Kesä 202137min

Finding Security Bugs in Google Cloud - Kat Traxler

Finding Security Bugs in Google Cloud - Kat Traxler

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kat Traxler (@nightmarejs) is the Cloud Security Engineering Lead, Best Buy(@BestBuy). Episode ShowNotes, Links and Transcript ...

20 Kesä 202137min

Hacker stories from the Internet - Darknet Diaries

Hacker stories from the Internet - Darknet Diaries

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jack Rhysider (@jackrhysider) is the host of Award Winning CyberSecurity Podcast Darknet Diaries (@DarknetDiaries). Episode Sho...

13 Kesä 202157min