Ian Coldwater

Occupation(s) Computer security specialist and speaker
Employer Docker, Inc. [1]
Organization(s) Kubernetes SIG Security, Open Source Security Foundation

Ian Coldwater is an American computer security specialist, hacker, and speaker specializing in Kubernetes and cloud native security. [2] [3] They are a Senior Principal Security Architect at Docker, Inc. [1] [4] and co-chair Kubernetes SIG Security, the Kubernetes special interest group for security. [5] [6] [7]

Career

Coldwater entered the tech industry in their thirties, working first in DevOps before moving into security. [8] They specialized in attacking and hardening Kubernetes and container workloads, working as an independent penetration tester before joining Heroku as a lead platform security engineer. [8] [9] From 2020 to 2023, they were a security architect at Twilio. [10] [11] Since April 2, 2024, they have been a Senior Principal Security Architect at Docker, Inc. [1] [4]

Along with Tabitha Sable, they co-chair Kubernetes SIG Security. [5] [6] They also sit on the governing board of the Open Source Security Foundation. [12]

Coldwater has spoken at conferences including DEF CON, [13] Black Hat, [14] KubeCon + CloudNativeCon, [7] RSA Conference, [15] Velocity, [16] and devopsdays. [17] [18] In 2020, the Cloud Native Computing Foundation gave them its Top Ambassador community award for their work promoting cloud native technology and its community. [18]

Hacking Kubernetes, published by O'Reilly Media, credits Coldwater and Duffie Cooley with co-developing the "canonical offensive Kubernetes one-liner". [19] At RSA Conference 2020, Coldwater and Brad Geesaman presented "Advanced Persistence Threats – The Future of Kubernetes Attacks", [20] in which they demonstrated evading Kubernetes audit logging along with other attacks on clusters. [19] In 2021, Coldwater, working with mainframe expertise from Chad Rikansrud, was credited as the first person to escape a container on a mainframe. [13] [21]

Personal life

Coldwater lives in Minneapolis, Minnesota. [15] Politically, they identify as an anarchist. [22] Coldwater is non-binary and uses they/them pronouns. [23]

References

  1. @IanColdwater (March 21, 2024). "I'll be starting my new job as Principal Security Architect at @Docker on April 2" (Tweet). Archived from the original on April 16, 2024. Retrieved April 16, 2024 via Twitter.
  2. Kennedy, Maddy (April 18, 2019). "100 women you should invite to speak at your next Twin Cities tech event". Minneapolis/St. Paul Business Journal. Archived from the original on July 31, 2021. Retrieved July 10, 2021.
  3. Menn, Joseph (September 9, 2021). "Microsoft warns Azure customers of flaw that could have permitted hackers access to data". Reuters. Archived from the original on September 9, 2021. Retrieved September 9, 2021.
  4. @IanColdwater (April 6, 2024). "Senior Principal Security Architect" (Tweet). Archived from the original on April 16, 2024. Retrieved April 16, 2024 via Twitter.
  5. Sharma, Mayank (December 4, 2020). "Docker support is being deprecated in Kubernetes - but not just yet". TechRadar. Archived from the original on July 10, 2021. Retrieved July 10, 2021.
  6. Coldwater, Ian; Sable, Tabitha; Raghunathan, Savitha; Small, Aaron (May 14, 2021). Get In Containerds, We're Going Securing: Kubernetes SIG Security is Here! (Video). Cloud Native Computing Foundation. Event occurs at 0:10. Archived from the original on July 23, 2021. Retrieved July 23, 2021.
  7. "Ian Coldwater". KubeCon + CloudNativeCon Europe 2020. 2020. Archived from the original on July 23, 2021. Retrieved July 23, 2021.
  8. Coldwater, Ian (August 6, 2019). "Attacking and Defending Kubernetes, with Ian Coldwater". Kubernetes Podcast (Interview). Interviewed by Adam Glick and Craig Box. Google. Archived from the original on July 23, 2021. Retrieved July 23, 2021.
  9. Combs, Veronica (May 1, 2021). "5 weird, cool things I learned from attending Deserted Island DevOps on Animal Crossing". TechRepublic. Archived from the original on May 7, 2021. Retrieved July 10, 2021.
  10. Lima, Cristiano (September 16, 2021). "Why Democrats are rallying around creating a new FTC privacy bureau to police Big Tech". The Washington Post. Archived from the original on October 19, 2021. Retrieved May 17, 2022.
  11. @IanColdwater (February 13, 2023). "Today is my last day at Twilio." (Tweet). Archived from the original on February 13, 2023. Retrieved April 16, 2024 via Twitter.
  12. "Governing Board". Open Source Security Foundation. Archived from the original on July 23, 2021. Retrieved July 23, 2021.
  13. "DEFCON29 Speakers". DEF CON. 2021. Archived from the original on July 10, 2021. Retrieved August 5, 2021.
  14. "Speaker: Ian Coldwater". Black Hat Briefings. Archived from the original on July 23, 2021. Retrieved July 23, 2021.
  15. "Ian Coldwater". RSA Conference. Archived from the original on July 23, 2021. Retrieved July 23, 2021.
  16. "Speaker: Ian Coldwater". O'Reilly Velocity Conference. 2019. Archived from the original on October 28, 2020. Retrieved July 23, 2021.
  17. "Ian Coldwater". devopsdays. Archived from the original on July 23, 2021. Retrieved July 23, 2021.
  18. Cloud Native Computing Foundation (November 20, 2020). "Cloud Native Computing Foundation Announces 2020 Community Awards Winners". Archived from the original on July 10, 2021. Retrieved July 10, 2021.
  19. Martin, Andrew; Hausenblas, Michael (2021). Hacking Kubernetes: Threat-Driven Analysis and Defense (First ed.). Sebastopol, CA: O'Reilly Media. ISBN 978-1-4920-8170-8. OCLC 1276934473.
  20. Geesaman, Brad (March 2, 2020). "Advanced Persistence Threats - The Future of Kubernetes Attacks". Darkbit. Archived from the original on August 3, 2021. Retrieved May 17, 2022.
  21. "Container Breakout: Cybersecurity Lessons Learned". SHARE. Archived from the original on January 24, 2022. Retrieved January 24, 2022.
  22. "@IanColdwater on Twitter". Archived from the original on June 18, 2021. Retrieved September 26, 2022.
  23. Fee, Nočnica (March 24, 2021). "Inspiring Women in Tech You Should Be Following". New Relic. Retrieved July 22, 2023.