I Didn't Register for This: What's Really in Google's Artifact Registry?
Moshe Bernstein
fwd:cloudsec North America 2025 · Day 1 · Track 2 - Crestone
Moshe Bernstein, a cloud vulnerability researcher at Tenable Cloud Security, presented the results of a large-scale security audit of container images hosted on Google's **Artifact Registry**. The central question was deceptively simple: are container images uploaded by Google to their own platform -- a platform with built-in security features -- actually secure? The answer, backed by scanning over 3,000 images across 32 repositories, was a resounding no. Bernstein's research uncovered approximately 1.7 million vulnerabilities and nearly 3,000 embedded secrets, raising hard questions about the shared responsibility model, supply chain trust, and the gap between platform security features and their actual adoption.
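One reason embedded secrets survive in published images, shown here as an added example that is not the speaker's tooling (the layer data and the key-looking strings are constructed): a file removed in a later layer by an OCI whiteout entry vanishes from the merged filesystem, but its bytes remain in the earlier layer blob, so a defensive scan has to walk every layer rather than the final rootfs.

```python
import io, re, tarfile
# Prefix-shaped patterns for two common embedded-secret types (no real credentials here).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(rb"AKIA[0-9A-Z]{16}"),
    "private_key_block": re.compile(rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}
def build_layer(files):
    """Build an uncompressed tar layer from {path: bytes} (constructed test data)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()
def scan_layer(layer_bytes, max_size=1 << 20):
    """Return [(path, pattern_name)] for regular files in one layer blob that match."""
    hits = []
    with tarfile.open(fileobj=io.BytesIO(layer_bytes)) as tar:
        for m in tar:
            if m.isfile() and m.size <= max_size:
                data = tar.extractfile(m).read()
                hits += [(m.name, n) for n, p in SECRET_PATTERNS.items() if p.search(data)]
    return hits
def merged_view(layers):
    """Apply layers in order, honouring OCI whiteouts (.wh.<name>): the final rootfs paths."""
    files = set()
    for layer in layers:
        with tarfile.open(fileobj=io.BytesIO(layer)) as tar:
            for m in tar:
                d, _, base = m.name.rpartition("/")
                if base.startswith(".wh."):
                    files.discard(f"{d}/{base[4:]}" if d else base[4:])
                elif m.isfile():
                    files.add(m.name)
    return files
def scan_image(layers):
    """Scan every layer blob, not only the merged rootfs: {(path, pattern): [layer indices]}."""
    found = {}
    for i, layer in enumerate(layers):
        for key in scan_layer(layer):
            found.setdefault(key, []).append(i)
    return found

# Constructed two-layer image: layer 0 bakes in a fake key, layer 1 "deletes" it with a whiteout.
LAYERS = [
    build_layer({"app/.env": b"AWS_ACCESS_KEY_ID=AKIAEXAMPLEEXAMPLE01\n"}),
    build_layer({"app/.wh..env": b"", "app/main.py": b"print('ok')\n"}),
]
```

Running `scan_image(LAYERS)` reports the key in layer 0 even though `merged_view(LAYERS)` no longer contains `app/.env`; real registry layers are usually gzip-compressed, so decompress each blob before handing it to `scan_layer`.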
AI review
A well-executed large-scale scanning effort that produced genuinely interesting numbers -- 1.7 million vulns and 3,000 secrets across Google's own registry images. The gcr.io permission discrepancy is a nice find. But at its core this is vulnerability scanning at scale, not novel exploitation research. The real juice -- what can you actually *do* with these findings beyond writing a blog post -- remains largely unexplored.