all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Expiry times for user-managed service account keys

Add to bookmarks
May 12, 2023, 10:15 a.m. | Chimbu Chinnadurai

System Weakness - Medium systemweakness.com

Image source: https://cloud.google.com/iam

In Google Cloud Platform (GCP), service account keys are used to provide Google Cloud API access to applications running outside of Google Cloud.

The problem with the service account keys is that they do not come with an expiry date, and They can become a security risk if not managed carefully. The main threats related to service account keys are:

  • Credential leakage
  • Privilege escalation
  • Information Disclosure
  • Non-repudiation

Google Cloud recently introduced expiry time support for user-managed service …

ami google cloud platform security

Visit resource

More from systemweakness.com / System Weakness - Medium

Web Pen testing Automation 1 day, 7 hours ago | systemweakness.com
bounties bugs ethical hacking hacking +1
Advance XSS payload List 1 day, 7 hours ago | systemweakness.com
amp bug bounty bug-bounty-tips bugs +11
Static Malware Analysis: Techniques & Challenges 1 day, 7 hours ago | systemweakness.com
analysis challenges code continue +17
Strengthening Cybersecurity: The Essentials of Link Pre-screening Based on Threat Intelligence 1 day, 7 hours ago | systemweakness.com
cloud computing continue cybersecurity information +15
Crack the Code Like Caesar: Build Your Own Secret Message Encrypter! [Python code included] 1 day, 7 hours ago | systemweakness.com
cipher cybersecurity encryption python +1
Hacking Outside of Private Network — Ethical Hacking as a Beginner [10] 1 day, 7 hours ago | systemweakness.com
beginner cybersecurity device devices +12
Enhancing Digital Forensics Capabilities Through Open Source Intelligence Tools in a Home Lab… 1 day, 7 hours ago | systemweakness.com
analysis capabilities collection critical +23
The Future of Programming: A Look at Emerging Languages Shaping Software Development 4 days, 8 hours ago | systemweakness.com
address article changing development +14
Cyber Detectives Unite: Advanced Tools for Web Security 4 days, 8 hours ago | systemweakness.com
bug bounty computer science cybersecurity ethical hacking +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom
View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands
View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila
View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com
View more jobs