About

Dylan and Allison are security professionals that have co-presented on GCP security at Defcon/Blackhat 2020 as well as BSidesSF 2020

• Blackhat/Defcon 2020 - Compromise any GCP Org Via Cloud API Lateral Movement and Privilege Escalation
• BSidesSF 2020 - The GCP Metadata API

Dylan

Dylan is a security engineer who has published a number of open source tools and research topics including but not limited to:

• Trufflehog
• WPA2-HalfHandshake-Crack
• Offensive Javascript Techniques
• Pastejacking

Allison

Allison Donovan is a security researcher who specializes in cloud-based platforms and devices. She is currently employed as a Senior Infrastructure Security Engineer at Cruise, where she secures cloud-based environments at scale, and previously she worked at Microsoft on mobile application security and site reliability engineering.

Find us on Twitter

• InsecureNature
• matter_of_cat