Andrew Gomez
Andrew is a member of SixGen, where he works as an Offensive Cyber Operator that specializes in network and web application pentesting. Before joining SixGen, Andrew was part of the U.S. Army Cyber Command, where he contributed to the success of defensive cyber operations.
Andrew holds a Master of Science in Cybersecurity from Georgia Institute of Technology and a Bachelor of Science in Computer Science from the University of North Georgia. Andrew has also obtained multiple certifications, including OSEP, OSCP, CRTL, CRTO, and CISSP.
Session
In this talk, we’ll shed light on the dangers of Google Apps Scripts to enterprises in a default Google Workspace. We’ll provide an overview of how App Scripts can gather data, harvest credentials, elevate privileges, how Google Workspace admins can abuse Data Loss Prevention policies to gather any data in Google Workspace. The talk will conclude with, how to detect and mitigate these types of attacks.