This was a talk I gave at the DEF CON 31 Cloud Village about insecure Google Container Registries and common patterns observed in leaked Docker images. (No surprise, static secrets just shotgunned everywhere.)
I mention these two papers in the talk:
- CISA/NSA: Defending Continuous Integration/Continuous Delivery (CI/CD) Environments
- Secrets Revealed in Container Images: An Internet-wide Study on Occurrence and Impact
There are a few details left out of the talk, and I intend to write up a more complete “wrapup” once GCR is finally dead and gone in April 2025.