IAM Concerned - OAuth Token Hijacking in Google Cloud

Explore the critical security vulnerability of OAuth token hijacking in Google Cloud Platform (GCP) environments through this eye-opening Black Hat conference talk. Delve into a scenario where, despite implementing robust security measures like MFA and hardware security keys, a GCP environment falls victim to a breach via hijacked OAuth session tokens cached by gcloud access. Learn about the intricacies of this attack vector, understand its implications for cloud security, and discover potential mitigation strategies to safeguard your GCP infrastructure against such sophisticated threats. Gain valuable insights from security expert Jenko Hwong as he dissects this concerning issue and provides actionable knowledge to enhance your cloud security posture.

IAM Concerned: OAuth Token Hijacking in Google Cloud (GCP)