Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore the critical security vulnerabilities within Google Cloud Platform's Tenant Projects architecture in this 20-minute conference talk from fwd:cloudsec. Dive deep into how GCP implements Tenant Projects, examining the permission models and interconnected service structures that form the backbone of GCP services yet remain widely misunderstood by cloud security practitioners. Learn about groundbreaking research that uncovered vulnerabilities in Vertex AI, revealing fundamental weaknesses in the Tenant Project model that allowed researchers to escalate privileges and gain full control over entire Tenant Projects. Discover real-world exploitation scenarios through hands-on demonstrations, including previously undisclosed vulnerabilities beyond the initial findings. Gain insights into how attackers can abuse the Tenant Project model and understand the essential defensive strategies security teams must implement. Benefit from the expertise of Palo Alto Networks researchers who specialize in cloud security posture research and have a proven track record of discovering critical vulnerabilities in major cloud platforms.
