Privilege Escalation in GCP - A Transitive Path

  • Wednesday, 13 May 2020 10:30AM EDT (13 May 2020 14:30 UTC)
  • Speaker: Kat Traxler

The power of Impersonation is a deeply rooted concept in GCP and GKE. The ability for one member to Impersonate another is a foundational capability; it will and should be leveraged as your cloud maturity grows. But how does your Organization securely enable Impersonation without leaving behind a 'Happy Path' for Attackers?

In this talk I will show you how an attacker could abuse permissions with Transitive properties to escalate their permissions in GCP, starting from initial compromise to Project Admin. I'll also talk about some 'Red Flag' permissions fueling privilege escalation and how to handle them securely when there is a use case for them.