Cloud Security Podcast by Google

EP167 Stolen Cards and Fake Accounts: Defending Google Cloud Against Abuse

Apr 8, 2024

Guest Maria Riaz, an Engineering Lead at Google Cloud, discusses counter-abuse and security on GCP, dealing with stolen cards, and relevant competencies for this field. They explore academic vs industry experience, popular abuse types like coin mining, and innovative abuse strategies at Google, emphasizing problem-solving and user safety.

25:24

Creator website

Episode guests

Maria Riaz

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Counter abuse focuses on preventing unauthorized utilization of services to protect users and systems.

Abuse detection includes combating coin mining, necessitating vigilance and collaboration for system integrity.

Deep dives

The Role of Counter Abuse at Google Cloud

Maria Riaz, an engineering lead at Google Cloud, discusses the importance of counter abuse in safeguarding Google systems and users from unauthorized utilization of services. Counter abuse focuses on preventing users from exploiting systems in ways not intended by Google, which may violate terms of service. Riaz leads the engineering team, collaborating with various departments to combat security and abuse vectors, emphasizing the need to address abuse proactively for user protection.

Introduction

2min

Navigating the Complex Relationship Between Security and Abuse in Cloud Computing

5min

Exploring Cyber Abuse and Academic Influence

3min

Exploring Popular Abuse Types in Cybersecurity, with a Focus on Coin Mining

3min

Innovative Abuse Strategies and Problem-Solving at Google

13min

Speakers:

Maria Riaz, Cloud Counter-Abuse, Engineering Lead, Google Cloud

Topics:

What is “counter abuse”? Is this the same as security?
What does counter-abuse look like for GCP?
What are the popular abuse types we face?
Do people use stolen cards to get accounts to then violate the terms with?
How do we deal with this, generally?
Beyond core technical skills, what are some of the relevant competencies for working in this space that would appeal to a diverse set of audience?
You have worked in academia and industry. What similarities or differences have you observed?

Resources / reading:

Video
EP165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security
P161 Cloud Compliance: A Lawyer - Turned Technologist! - Perspective on Navigating the Cloud
“Art of War” by Sun Tzu
“Dare to Lead” by Brene Brown
"Multipliers" by Liz Wiseman

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Cloud Security Podcast by Google

EP167 Stolen Cards and Fake Accounts: Defending Google Cloud Against Abuse

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Role of Counter Abuse at Google Cloud

Impact of Coin Mining on Cloud Platforms

Navigating Security and Abuse Challenges

Remember Everything You Learn from Podcasts