EP60 Impersonating Service Accounts in GCP and Beyond: Cloud Security Is About IAM?

Topics covered:

• Could you explain briefly why identity is so important in the cloud?
• A skeptic on cloud security once told us that “in the cloud, we are one identity mistake from a breach.” Is this true?
• For listeners who aren’t familiar with GCP, could you give us the 30 second story on “what is a service account.” How is it different from a regular IAM account?
• What are service account impersonations?
• How can I see if my service accounts can be impersonated? How do I detect it?
• How can I better secure my organization from impersonation attacks?