Presented at BSidesSF 2022 Rescheduled, June 5, 2022, 3:30 p.m. (50 minutes).
This is a detailed guide for adversary simulations in GCP that covers how to get an initial foothold, persist, escalate privileges, use Google's own products as C2, manipulate firewall rules and compute instances, and abuse Key Management Service and Google Cloud Storage to decrypt and exfiltrate data.
Presenters:
- Brad Richardson
Brad Richardson’s security practitioner career spans 15 years in the areas of vulnerability management, security audit, pentest, and red team. Brad began his technology path in system engineering and quickly became interested in how cyber attackers find cracks in the best-laid security plans and hardened networks. He continues to study how attackers find ways in and takes a special interest in the psychology of social engineering, security metrics, and adversary emulation.
- Madhav Bhatt
Madhav has completed his Master's degree in Computer Engineering with a specialization in Cyber Security. While in college, he worked as an intern wearing multiple hats, such as systems administrator, network architect, and penetration tester, and also worked on research projects to design and develop an IDS for OSPF route poisoning attacks. After graduation, he has been working in the field of Information Security as an Offensive Security Engineer, where he has planned and executed different adversary simulations and emulations, purple team exercises, social engineering campaigns, and network as well as application penetration tests. He has also developed offensive security tools such as gcpHound as well as a defensive security tool, DetectionNavigator.