For those that haven’t heard about Tink, it is a very powerful library for using cryptographic primitives. This library is used within Google and is maintained by a small team of incredbly smart cryptographers to incorporate best cryptographic practices.

In this tutorial, we’ll implement a common solution to a problem…

TL;DR: Generating and distributing service account keys poses severe security risks to your organization. They are long-lived credentials that are not automatically rotated. These keys can be leaked accidentally or maliciously allowing attackers to gain access to your sensitive GCP resources. Additionally, when used actions cannot be attributable back to…

Using cloud native security features for defense in depth

Companies are re-examining their cloud security program this week. We’ve seen some great recommendations including updating your processes, auditing and trimming system permissions, and building security into CI/CD pipelines. These are a few of our favorites.

Other experts suggest you should buy bolt-on products for heuristics, anomaly detection, and data…

VPC Service Controls provides a way to limit access to GCP Services within your Organization

TL;DR Together we’ll explore VPC Service Controls through an example of a common use case of VPC Service Control perimeters, deep dive on some key concepts, and learn how to automate administration with HashiCorp Terraform.

BigQuery Example

Ryan Canty

Cloud Security Engineer at Google Cloud http://github.com/onetwopunch

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store