Most of Google’s flagship services like their search engine, Gmail, and YouTube run on Google Compute Engine, an Infrastructure as a Service (IaaS) component of GCP. What would happen if an attacker tried to compromise it? And how would you go about protecting your apps?
This course takes you on a tour of offensive and defensive techniques in GCP, starting with Virtual Machines (VM) on GCP. Learn about the attack surface, metadata compromise, and privilege escalation attacks.
Next, we’ll take a hands-on look at AppEngine, as well as Identity-Aware Proxy (IAP). To bring the course full circle, we’ll get hands-on with some defensive techniques, where you’ll learn how to secure access to your VMs through OS Login and SSH. We’ll also look at how to secure the VMs themselves.
As with every AppSecEngineer course, you’ll enjoy a full suite of hands-on exercises that simulate real-world scenarios in GCP security, giving you a full understanding of how to attack and secure your GCP compute infrastructure.
App engine 101
App engine with IAP
OS Login
Creating the hardened image with packer