Default service accounts in Google Cloud have been an area of interest for threat actors. Cloud administrators can sometimes grant unintentionally broad permissions through this mechanism to their workloads, such as virtual machines and Kubernetes clusters. In this talk, we will discuss the role of default service accounts in Google Cloud Compute Engine (GCE) and Google Cloud Kubernetes Engine (GKE), and best practices for managing and securing them.

This Session is hosted by a Google Cloud Next Sponsor.
Visit your registration profile at g.co/cloudnext to opt out of sharing your contact information with the sponsor hosting this session.