Ian Coldwater

Coldwater started working in tech in their thirties, starting in DevOps before focusing on security.{{Cite interview|last=Coldwater|first=Ian|interviewer1=Adam Glick|interviewer2=Craig Box|title=Attacking and Defending Kubernetes, with Ian Coldwater|url=https://kubernetespodcast.com/episode/065-attacking-and-defending-kubernetes/|access-date=July 23, 2021|work=Kubernetes Podcast|publisher=Google|date=August 6, 2019|archive-date=July 23, 2021|archive-url=https://web.archive.org/web/20210723185822/https://kubernetespodcast.com/episode/065-attacking-and-defending-kubernetes/|url-status=live}} They specialized in hacking and hardening Kubernetes containers, working as an independent penetration tester before joining Heroku as a lead platform security engineer.{{cite news |last1=Combs |first1=Veronica |date=May 1, 2021 |title=5 weird, cool things I learned from attending Deserted Island DevOps on Animal Crossing |work=TechRepublic |url=https://www.techrepublic.com/article/5-weird-cool-things-i-learned-from-attending-deserted-island-devops-on-animal-crossing/ |url-status=deviated |access-date=July 10, 2021 |archive-url=https://web.archive.org/web/20210507082228/https://www.techrepublic.com/article/5-weird-cool-things-i-learned-from-attending-deserted-island-devops-on-animal-crossing/ |archive-date=May 7, 2021}} From 2020 to 2023, they worked as a security architect at Twilio.{{Cite news |last=Lima |first=Cristiano |date=September 16, 2021 |title=Why Democrats are rallying around creating a new FTC privacy bureau to police Big Tech |newspaper=The Washington Post |url=https://www.washingtonpost.com/politics/2021/09/16/why-democrats-are-rallying-around-creating-new-ftc-privacy-bureau-police-big-tech |access-date=May 17, 2022 |archive-date=October 19, 2021 |archive-url=https://web.archive.org/web/20211019004148/https://www.washingtonpost.com/politics/2021/09/16/why-democrats-are-rallying-around-creating-new-ftc-privacy-bureau-police-big-tech/ |url-status=live }}{{Cite tweet |number=1625159589082632195 |user=IanColdwater |title=Today is my last day at Twilio. I'm going to take some time before officially going on the job market, but if you have anything interesting for my skill set, my DMs are open! Take care of yourselves and each other 🤗 |first=Ian |last=Coldwater |date=13 February 2023 |access-date=16 April 2024 |archive-url=https://web.archive.org/web/20230213194016/https://twitter.com/IanColdwater/status/1625159589082632195 |archive-date=13 February 2023 |url-status=live |link=https://twitter.com/IanColdwater/status/1625159589082632195}} As of April 2, 2024, they work as a Senior Principal Security Architect at Docker, Inc.

Along with Tabitha Sable, they co-chair the Kubernetes special interest group, Kubernetes SIG Security. They are also on the governing board of the Open Source Security Foundation.{{Cite web |title=Governing Board |url=https://openssf.org/about/governing-board/ |url-status=deviated |archive-url=https://web.archive.org/web/20210723183443/https://openssf.org/about/governing-board/ |archive-date=July 23, 2021 |access-date=July 23, 2021 |website=Open Source Security Foundation |language=en-US}}

Coldwater has spoken at conferences including DEF CON,{{Cite web|date=2021|title=DEFCON29 Speakers|url=https://defcon.org/html/defcon-29/dc-29-speakers.html#coldwater|url-status=live|access-date=August 5, 2021|website=DEF CON|archive-date=July 10, 2021|archive-url=https://web.archive.org/web/20210710003716/https://defcon.org/html/defcon-29/dc-29-speakers.html#coldwater}} Black Hat,{{Cite web|title=Speaker: Ian Coldwater|url=https://www.blackhat.com/us-19/speakers/Ian-Coldwater.html|url-status=live|access-date=July 23, 2021|website=Black Hat Briefings|archive-date=July 23, 2021|archive-url=https://web.archive.org/web/20210723183443/https://www.blackhat.com/us-19/speakers/Ian-Coldwater.html}} KubeCon and CloudNativeCon, RSA Conference,{{Cite web|title=Ian Coldwater|url=https://www.rsaconference.com/experts/ian-coldwater|url-status=live|access-date=July 23, 2021|website=RSA Conference|archive-date=July 23, 2021|archive-url=https://web.archive.org/web/20210723183443/https://www.rsaconference.com/experts/ian-coldwater}} Velocity,{{Cite web|date=2019|title=Speaker: Ian Coldwater|url=https://conferences.oreilly.com/velocity/vl-ca/public/schedule/speaker/318057.html|url-status=live|access-date=July 23, 2021|website=O'Reilly Velocity Conference|language=en|archive-date=October 28, 2020|archive-url=https://web.archive.org/web/20201028180053/https://conferences.oreilly.com/velocity/vl-ca/public/schedule/speaker/318057.html}} and devopsdays.{{Cite web|title=Ian Coldwater|url=https://devopsdays.org/events/2021-minneapolis/speakers/ian-coldwater/|url-status=live|access-date=July 23, 2021|website=devopsdays|language=en-us|archive-date=July 23, 2021|archive-url=https://web.archive.org/web/20210723183443/https://devopsdays.org/events/2021-minneapolis/speakers/ian-coldwater/}}{{cite news|last1=Cloud Native Computing Foundation|date=November 20, 2020|title=Cloud Native Computing Foundation Announces 2020 Community Awards Winners|url=https://www.prnewswire.com/news-releases/cloud-native-computing-foundation-announces-2020-community-awards-winners-301178231.html|access-date=July 10, 2021|archive-date=July 10, 2021|archive-url=https://web.archive.org/web/20210710121257/https://www.prnewswire.com/news-releases/cloud-native-computing-foundation-announces-2020-community-awards-winners-301178231.html|url-status=live}} In 2020, they received the Top Ambassador award from the Cloud Native Computing Foundation for spreading interest in the area.

Hacking Kubernetes, published by O'Reilly Media, credits Coldwater and Duffie Cooley for co-developing the "canonical offensive Kubernetes one-liner".{{Cite book |last1=Martin |first1=Andrew |url=https://www.worldcat.org/oclc/1276934473 |title=Hacking Kubernetes : threat-driven analysis and defense |last2=Hausenblas |first2=Michael |publisher=O'Reilly Media |year=2021 |isbn=978-1-4920-8170-8 |edition=First |location=Sebastapol, CA |oclc=1276934473}} In 2020, Coldwater and Brad Geesaman presented a talk at RSA 2020 titled "Advanced Persistence Threats – The Future of Kubernetes Attacks",{{Cite web |last=Geesaman |first=Brad |date=March 2, 2020 |title=Advanced Persistence Threats - The Future of Kubernetes Attacks |url=https://darkbit.io/blog/future-kubernetes-attacks-rsa-2020 |url-status=dead |archive-url=https://web.archive.org/web/20210803011821/https://darkbit.io/blog/future-kubernetes-attacks-rsa-2020 |archive-date=August 3, 2021 |access-date=May 17, 2022 |website=Darkbit |language=en}} in which they demonstrated bypassing Kubernetes audit logs and other attacks. In 2021, Coldwater, with expertise from Chad Rikansrud, became the first person in history to escape a container on a mainframe.{{Cite web |title=Container Breakout: Cybersecurity Lessons Learned |url=https://blog.share.org/Article/container-breakout-cybersecurity-lessons-learned |access-date=2022-01-24 |website= |publisher=SHARE |language=en-US |archive-date=January 24, 2022 |archive-url=https://web.archive.org/web/20220124013243/https://blog.share.org/Article/container-breakout-cybersecurity-lessons-learned |url-status=live }}

Coldwater lives in Minneapolis, Minnesota. Coldwater is non-binary, and uses they/them pronouns.{{Cite web |last=Fee |first=Nočnica |date=March 24, 2021 |title=Inspiring Women in Tech You Should Be Following |url=https://newrelic.com/blog/nerd-life/women-in-tech |access-date=July 22, 2023 |website=New Relic |language=en}}

• Kelsey Hightower

{{Reflist}}

• {{Twitter}}

{{Authority control}}

{{DEFAULTSORT:Coldwater, Ian}}

Category:21st-century American LGBTQ people

Category:American computer scientists

Category:American software engineers

Category:Computer security specialists

Category:InfoSec Twitter

Category:Living people

Category:Non-binary scientists

Category:Open source people

Category:People from Minneapolis

Category:LGBTQ people from Minnesota

Category:Year of birth missing (living people)

Category:American non-binary people

Category:American LGBTQ scientists