Google just released a new open source community for developing innovative security tools called Forseti Security. Forseti is now open to all users of the Google Cloud Platform. Google recently shared more about the creation and the idea behind Forseti. Here are some of the highlights.
What is Forseti Security?
On its most basic level, Forseti is an open source toolkit that’s designed to help teams and businesses lock down the security of their GCP resources. Currently, the toolkit includes several different features including: an inventory feature that offers users visibility into all of their GCP resources, a scanner that validates access control policies across those GCP resources, an enforcement tool that lets users limit and remove unwanted access to GCP resources, and an explainer tool that analyzes who has access to what GCP resources.
How did Forseti get started?
The Forseti Security tool actually came about thanks to a partnership between Google and Spotify. The Spotify security team was looking for a way to secure the company’s data as they moved from in-house datacenters to the cloud. Meanwhile, Google was already working on developing security tools for GCP and was interested in bringing them to the open source community. So the two companies worked together to bring the idea of Forseti Security to life.
How can Forseti keep your GCP environment more secure?
The general idea is that Forseti gives GCP users more visibility than ever when it comes to who has access and control over which resources within GCP. Each of the tools listed above contributes to this main goal. And with it, organizations should be able to more easily manage who has access to what resources, limiting and removing any unwanted access quickly and easily. And of course, since it’s an open source toolkit, you’ll have the ability to utilize the existing tools in ways that specifically benefit your own organization by taking your own needs into account when building and altering various components.
Photo credit: Shutterstock
This is a good article around the planned usage of Forseti. Unfortunately, the software is still far away from bringing any level of comfort around GCP security given its early development state, lask of implemented planned features and also, parts are being re-achitected/rewritten as we speak.