PCG logo

We Make Google Cloud Even Safer


Last year was another record year for Google's Vulnerability Reward Programs (VRP). Thanks to the program, Google, together with its community, has identified and fixed thousands of vulnerabilities. Last but not least, the security of the Google Cloud Platform (GCP) was improved.

Google first announced the GCP VRP Prize in 2019 to encourage security researchers to help further increase the security of the Google Cloud. The hyperscaler has been happy about numerous submissions in the last 3 years. After careful evaluation, the winners for 2021External Link have now been announced.

We are very proud that Sebastian Lutz, Team Lead of our Google Cloud Infrastructure Team, took first place here.

Google writes:

Sebastian's excellent report details how he found a flaw in the Identity-Aware Proxy (IAP) that an attacker could have exploited to gain access to a user's IAP-protected resources by tricking them into visiting an attacker-controlled URL and stealing their IAP auth token.

We congratulate Sebastian on first place and his excellent work.

More information about Sebastian's submission and the other placements of the Vulnerability Reward Program can be found in this video.

We recommend Sebastian's winning entry to anyone who is also interested in the technical background: Bypassing Identity-Aware ProxyExternal Link

Services Used

Continue Reading

Ippen Digital Chooses Google Workspace

Ippen Digital, Europe's largest regional news network, embraced Google Workspace for seamless collaboration and enhanced productivity.

Learn more
Cloud Native Rockstar Award 2022

Benny Woletz earns recognition for excellence in the 'New Work & Collaboration' category for our solution for air conditioning specialist Viessmann.

Learn more
Transferring Large Files From Cloud Storage to Google Drive

Technical guide to a cloud-native solution for transferring data between Google Drive and Google Cloud Storage (GCS), delving into the challenges, solutions and performance considerations of this data transfer process.

Learn more
Ask a Google Cloud Consulting Trainee - Hassata

Interview with Hassata, a participant in the Google Cloud Consulting trainee program, discussing her background, experiences, and work at the Public Cloud Academy.

Learn more
See all

Let's work together

United Kingdom
Arrow Down