diff --git a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloud-workstations-privesc.md b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloud-workstations-privesc.md index a0019a234..57cd6bc39 100644 --- a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloud-workstations-privesc.md +++ b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloud-workstations-privesc.md @@ -105,11 +105,5 @@ nmap -sS -p 80,443,22 10.0.0.0/8 -**Countermeasures:** - -* Disable "Running as root" in the Workstation Configuration -* Do not mount `/var/run/docker.sock` — use remote builders (e.g., Cloud Build) instead -* Assign a **custom service account** with minimal permissions to workstation configurations (e.g., `roles/source.reader`, `roles/artifactregistry.reader`) -* Place the workstation project inside a **VPC Service Controls** perimeter
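Review bot: The six removed lines at the end of this hunk (the `**Countermeasures:**` heading and its four bullets) take the only mitigation guidance visible in this part of the page, and nothing in the diff replaces it or points to where it now lives. If the list is being moved to a separate hardening page, add a link in its place. Otherwise keep it, since the bullets correspond directly to the techniques the page describes: disabling "Running as root", not mounting `/var/run/docker.sock`, assigning a custom service account with minimal permissions, and placing the workstation project inside a VPC Service Controls perimeter. The change should also state why the section is dropped, because the diff alone gives no reason.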