News


08 July 2019

Anomaly Detection Experiments on Firewall Rule in Forseti

Among security professionals, one way to identify a breach or spurious entity is to detect anomalies and abnormalities in customer usage trend. Recently, we launched the “Forseti Intelligent Agents” experimental initiative to identify anomalies, enable systems to take advantage of common user usage patterns, and identify other outlier data points. In this way, we hope to help security specialists for whom it’s otherwise cumbersome and time-consuming to manually flag these data points.

Read more...

06 June 2019

External Project Access Scanner

With the release of the external project access scanner, data exfiltration can be mitigated by identifying users who have access to projects outside of your organization or folder. In GCP, the best practice is to use service accounts to perform actions where a GCP user isn’t directly involved. The challenge here is that a service account only has permissions in the organization where Forseti is deployed. In other words, if Forseti is deployed in Organization A, it can’t see what projects a user has access to in Organization B.

This is where the concept of “delegated credentials” becomes incredibly useful. Delegated credentials allow a service account to temporarily act as a user. After compiling a list of users in the organization, the service account impersonates each user with these delegated credentials. The scanner then obtains the list of projects to which each user has access, regardless of the organization node.

Read more...

29 May 2019

Forseti Community Day Presentations

At long last we’re happy to share the presentation materials from the second annual Forseti Community Day in San Francisco, held on April 12th!

Read more...

10 April 2019

Forseti Config Validator Efforts

Today we’re excited to announce Forseti Config Validator, the newest addition to the Forseti Security toolkit. Config Validator helps cloud admins put guardrails in place to protect against misconfigurations in Google Cloud Platform environments. This allows developers to move quickly, and gives security and governance teams the ability to enforce security at scale.

Read more...

01 April 2019

Full Schedule for Forseti Community Day 2019 - San Francisco

We’re excited to share details about the schedule for Forseti Community Day. As a reminder, this event will take place on Friday, April 12th, at the Google Community Space from 9:00 am to 4:30 pm. If you’d like to attend, please sign up here!

Read more...

18 March 2019

Coming soon! Forseti GitHub Organization

Greetings Forseti Community,

Read more...

21 February 2019

Forseti Community Day 2019 - San Francisco

We’re excited to announce the second annual Forseti Community Day in San Francisco!

Read more...

18 February 2019

Forseti 1.0 Deprecation Announcement

We previously announced the End-of-Life for Forseti 1.0 in October 2018. We have extended that timeline, and this is the last notice that Forseti 1.0 will be removed from availability on March 15, 2019.

Read more...

06 December 2018

ClearDATA Running Forseti Security the Serverless Way

As part of their mission to keep their enterprise secure, ClearDATA took a liking to Forseti. They were less charmed by the traditional VM-based approach, as they are a deeply serverless outfit. As such they have taken on the spirit of Open Source Contributions and adapted Forseti to interoperate with both containers and Cloud Pub/Sub. Take a look at the Google Cloud blog post to learn more! to find out more!

Read more...

27 November 2018

Visualize your GCP Architecture using Forseti

Visualizing dynamic cloud application architecture can be a challenge, make it easy with Forseti.
Read more...