Beyond the Perimeter: Retrofitting VPC-SC at Enterprise Scale
Priya Puranik, Akshay Mahajan
fwd:cloudsec North America 2026 · Day 1
In the modern cloud landscape, traditional network firewalls are increasingly insufficient to prevent data exfiltration. While Identity and Access Management (IAM) controls dictate *who* can access data, they often fall short in defining *where* that data is allowed to go and *under what conditions*. This critical gap is precisely what **VPC Service Controls (VPCSC)** aims to address, establishing a robust **data perimeter** around sensitive cloud resources. This talk by Priya Puranik and Akshay Mahajan from Wayfair delves into the intricate journey of retrofitting VPCSC at an enterprise scale, a monumental task involving over 5,000 GCP projects.
AI review
Competent practitioner war story about retrofitting VPC Service Controls across 5,000+ GCP projects. The scale is real, the operational detail is genuine, and the Google Groups exception-management pattern is a concrete transferable insight. Nothing here will surprise anyone who's done serious GCP security work, but it's honest about the pain and avoids the LinkedIn sanitization problem.