2024-10-05 –, Track 1
In this talk, we’ll shed light on the dangers of Google Apps Scripts to enterprises in a default Google Workspace. We’ll provide an overview of how App Scripts can gather data, harvest credentials, elevate privileges, how Google Workspace admins can abuse Data Loss Prevention policies to gather any data in Google Workspace. The talk will conclude with, how to detect and mitigate these types of attacks.
Jake Coyne is a cybersecurity professional specializing in offensive security operations. He currently holds the position of Red Team Consultant at Mandiant. Before joining Mandiant, Jake worked as a Offensive operator at SIXGEN and was part of the U.S. Army Cyber Command and U.S. Cyber Command.
Jake earned a Master's degree in Cyber Security from Georgia Institute of Technology and a Bachelor's degree in Industrial Technology from Illinois State University. He holds several certifications in the field of cybersecurity, including Offensive Security Certified Professional (OSCP), Global Industrial Cyber Security Professional (GICSP), GIAC Response and Industrial Defense (GRID), and Certified Information Systems Security Professional (CISSP).
Andrew is a member of SixGen, where he works as an Offensive Cyber Operator that specializes in network and web application pentesting. Before joining SixGen, Andrew was part of the U.S. Army Cyber Command, where he contributed to the success of defensive cyber operations.
Andrew holds a Master of Science in Cybersecurity from Georgia Institute of Technology and a Bachelor of Science in Computer Science from the University of North Georgia. Andrew has also obtained multiple certifications, including OSEP, OSCP, CRTL, CRTO, and CISSP.