Ian Coldwater

Coldwater started working in tech in their thirties, starting in DevOps before focusing on security.^[8] They specialized in hacking and hardening Kubernetes containers, working as an independent penetration tester before joining Heroku as a lead platform security engineer.^[8][9] From 2020 to 2023, they worked as a security architect at Twilio.^[10][11] As of April 2, 2024, they work as a Senior Principal Security Architect at Docker, Inc.

Along with Tabitha Sable, they co-chair the Kubernetes special interest group, Kubernetes SIG Security.^[5][6] They are also on the governing board of the Open Source Security Foundation.^[12]

Coldwater has spoken at conferences including DEF CON,^[13] Black Hat,^[14] KubeCon and CloudNativeCon,^[7] RSA Conference,^[15] Velocity,^[16] and devopsdays.^[17][18] In 2020, they received the Top Ambassador award from the Cloud Native Computing Foundation for spreading interest in the area.^[18]

Hacking Kubernetes, published by O'Reilly Media, credits Coldwater and Duffie Cooley for co-developing the "canonical offensive Kubernetes one-liner".^[19] In 2020, Coldwater and Brad Geesaman presented a talk at RSA 2020 titled "Advanced Persistence Threats – The Future of Kubernetes Attacks",^[20] in which they demonstrated bypassing Kubernetes audit logs and other attacks.^[19] In 2021, Coldwater, with expertise from Chad Rikansrud, became the first person in history to escape a container on a mainframe.^[13][21]

Coldwater lives in Minneapolis, Minnesota.^[15] Coldwater is non-binary, and uses they/them pronouns.^[22]

• Kelsey Hightower