Ian Coldwater

Career

Ian Coldwater began working in the technology industry in their thirties, initially entering through DevOps before transitioning to a focus on security. They developed a specialization in hacking and hardening Kubernetes containers, working as an independent penetration tester before joining Heroku as a lead platform security engineer.

From 2020 to 2023, Coldwater served as a security architect at Twilio. As of April 2024, they hold the role of Senior Principal Security Architect at Docker, Inc.

Kubernetes and Open Source Contributions

Coldwater co-chairs the Kubernetes special interest group Kubernetes SIG Security alongside Tabitha Sable. This group focuses on security practices and standards within the Kubernetes ecosystem. They also serve on the governing board of the Open Source Security Foundation, contributing to broader efforts around securing open source software supply chains.

Notable Work

Coldwater has contributed to several significant advances in offensive Kubernetes security research. In 2020, they and Brad Geesaman presented a talk at RSA Conference titled "Advanced Persistence Threats – The Future of Kubernetes Attacks," in which they demonstrated techniques for bypassing Kubernetes audit logs, among other attacks.

The O'Reilly Media book Hacking Kubernetes credits Coldwater and Duffie Cooley for co-developing what the text describes as the "canonical offensive Kubernetes one-liner," a widely referenced technique in the field.

In 2021, Coldwater, drawing on expertise from Chad Rikansrud, became the first person documented to have escaped a container running on a mainframe — a notable milestone in container security research.

Public Speaking and Recognition

Coldwater is an active public speaker in the security and cloud native communities, having presented at conferences including DEF CON, Black Hat, KubeCon, CloudNativeCon, RSA Conference, Velocity, and devopsdays.

In 2020, the Cloud Native Computing Foundation recognized Coldwater with its Top Ambassador award for their work in spreading interest and awareness in cloud native security.

Personal Life

Coldwater lives in Minneapolis, Minnesota. They are non-binary and use they/them pronouns.