News


11 October 2019

Exciting Changes to Forseti and Terraform in 2.23

Forseti Community,

Read more...

17 September 2019

Protecting your GCP infrastructure at scale with Forseti Config Validator (part 1)

One of the greatest challenges customers face when onboarding in the cloud is how to control and protect their assets while letting their users deploy resources securely.

Read more...

17 September 2019

Terraform - Official Installation Path of Forseti Security

Forseti Community,

Read more...

30 August 2019

Forseti Community Day 2019 - London

We’re pleased to invite you to Google’s Forseti Community Day on Monday, November 18th (Right before Next London 2019, Next Ticket NOT required). Join us for a fun, interactive, and hands-on day shaping the next generation of Google Cloud Platform (GCP) security tools. Registration is now closed for this event.

Read more...

08 July 2019

Anomaly Detection Experiments on Firewall Rule in Forseti

Among security professionals, one way to identify a breach or spurious entity is to detect anomalies and abnormalities in customer usage trend. Recently, we launched the “Forseti Intelligent Agents” experimental initiative to identify anomalies, enable systems to take advantage of common user usage patterns, and identify other outlier data points. In this way, we hope to help security specialists for whom it’s otherwise cumbersome and time-consuming to manually flag these data points.

Read more...

06 June 2019

External Project Access Scanner

With the release of the external project access scanner, data exfiltration can be mitigated by identifying users who have access to projects outside of your organization or folder. In GCP, the best practice is to use service accounts to perform actions where a GCP user isn’t directly involved. The challenge here is that a service account only has permissions in the organization where Forseti is deployed. In other words, if Forseti is deployed in Organization A, it can’t see what projects a user has access to in Organization B.

This is where the concept of “delegated credentials” becomes incredibly useful. Delegated credentials allow a service account to temporarily act as a user. After compiling a list of users in the organization, the service account impersonates each user with these delegated credentials. The scanner then obtains the list of projects to which each user has access, regardless of the organization node.

Read more...

29 May 2019

Forseti Community Day Presentations

At long last we’re happy to share the presentation materials from the second annual Forseti Community Day in San Francisco, held on April 12th!

Read more...

10 April 2019

Forseti Config Validator Efforts

Today we’re excited to announce Forseti Config Validator, the newest addition to the Forseti Security toolkit. Config Validator helps cloud admins put guardrails in place to protect against misconfigurations in Google Cloud Platform environments. This allows developers to move quickly, and gives security and governance teams the ability to enforce security at scale.

Read more...

01 April 2019

Full Schedule for Forseti Community Day 2019 - San Francisco

We’re excited to share details about the schedule for Forseti Community Day. As a reminder, this event will take place on Friday, April 12th, at the Google Community Space from 9:00 am to 4:30 pm. If you’d like to attend, please sign up here!

Read more...

18 March 2019

Coming soon! Forseti GitHub Organization

Greetings Forseti Community,

Read more...