Kat Traxler is the Principal Security Researcher at Vectra AI focusing on threat detection in the public cloud. Prior to her current role, she worked in various stages in the SDLC performing web application penetration testing and security architecture design for Web, IAM, Payment Technologies and Cloud Native Technologies.
Kat’s research philosophy directs her work to where design flaws and misconfigurations are most probable. This guiding principle leads her research to the intersection of technologies, particularly the convergence of cloud security and application security and where the OS-layer interfaces with higher-level abstractions.
Kat has presented at various conferences including the SANS CloudSecNext Summit and fwd:CloudSec on topics such as privilege escalation in GCP, and bug-hunting in the cloud. In addition to her work at Vectra AI, she is a member of IAN Faculty and the Lead Author of the SANS SEC549 - Enterprise Cloud Security Architecture and currently holds multiple GIAC certifications.
She started her career with SANS as a facilitator in 2016 and currently holds GIAC-GSEC, GIAC-GCWN, GIAC-GDAT and GIAC-GCPS certifications. Kat Traxler is obsessed with the attack surface at the confluence of Identity and Cloud Platform APIs and thinks you should be too.
ADDITIONAL CONTRIBUTIONS BY KAT:
- BigQuery Data Access Identity Architecture, cheat sheet
- Azure to GCP Identity Architecture, cheat sheet
- Azure to AWS Identity Architecture, cheat sheet
- The DeRF, Aug 2023, open source tool consisting of Terraform modules and a Cloud Run application written in Python
- New Tool! The DeRF: Wait Just an Infosec, Aug 2023
- WORKSHOP: Designing Access to Shared Datasets in the Cloud, March 2023
- Quick Wins in Cloud Compliance: GCP, Oct 2022