Google & Spotify Make Open Source Security Music

Mitch Wagner

Google and Spotify are releasing Forseti, a set of open source security tools for Google Cloud Platform users.

"Forseti gives us visibility into the GCP infrastructure that we didn't have before, and we use it to help make sure we have the right controls in place and stay ahead of the game," according to Spotify engineers, in a post on the Google Cloud Platform blog scheduled to go live Friday, which Google sent to Enterprise Cloud News in advance.

The blog post continues, "It helps keep us informed about what's going on in our environment so that we can quickly find out about any risky misconfigurations so they can be fixed right away. These tools allow us to create a workflow that puts the security team in a proactive stance rather than a reactive one. We can inform everyone involved on time rather than waiting for an incident to happen."

Google booth at Mobile World Congress in Barcelona this year.
Google booth at Mobile World Congress in Barcelona this year.

The tools help Spotify's security team "to be a business enabler, rather than a blocker to getting things done," the Spotify engineers say.

Forseti, developed by engineers from both companies in collaboration, provides four sets of tools: Inventory, for visibility into existing Google Cloud Platform (GCP) resources; Scanner to validate access control policies across GCP resources; Enforcer to remove unwanted access to GCP resources; and Explain, to analyze "who has what access to GCP resources," according to the blog post.

The post concludes with a call to join the Forseti community.

Google's Forseti announcement comes a day after Microsoft announced plans for Microsoft Azure confidential computing technology for protecting data when it is in use and in the clear. (See Microsoft Azure 'Confidential Computing' Secures Data In Use.)

Last month, Google disclosed details of a chip called Titan, previously announced in March, to secure data center servers.

Security is becoming a bigger issue for enterprises after a series of break-ins and attacks, culminating with the recent Equifax hack that compromised records for up to 143 million people. (See Equifax Breach Won't Be the Last or Worst.)

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Follow me on Facebook Editor, Enterprise Cloud News

Make sure your company and services are listed free of charge at Virtuapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the virtualization industry.

(3)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
User Rank: Light Sabre
9/22/2017 | 12:22:06 PM
The tie-in between Google and Spotify along with the benefits of getting the expertise to run the cloud, allows some cross-publicity as well, as seen here and other places the brands build their names and products through the interactions between the two.
Joe Stanganelli
Joe Stanganelli,
User Rank: Light Sabre
9/16/2017 | 10:51:09 PM
> Why is it they don't build their own private cloud?

Because, I suppose, they expressly don't want to be in the private cloud business.

Even Netflix uses AWS.
User Rank: Light Sabre
9/16/2017 | 1:19:24 PM
I didn't even know Spotify was working with Google Cloud Platform. Why is it they don't build their own private cloud? Maybe it's because Google is giving them the tools they need to keep the business running optimally. 
More Blogs from Wagner’s Ring
We're packing our bags for Dallas, for our cleverly named Network Virtualization and SDN Americas conference, but first we sat down to talk about NV, SDN and our favorite travel snack.
Will Apple's new iPhone 11 grow telco profits? Will Apple TV+ compete in a crowded OTT market? And why does everybody have fabulous hair in an Apple TV+ series where civilization has collapsed because everybody in the world is blind?
After years of defending itself against US spying accusations, Huawei claims the US government is spying on it.
The satellite network operator is looking to the Open Networking Automaton Platform (ONAP) to automate connecting its space-based network with terrestrial operators.
VMware's been shopping this summer, buying three cloud and networking startups that will bolster its telco strategy.
Featured Video
Upcoming Live Events
September 17-19, 2019, Dallas, Texas
October 1-2, 2019, New Orleans, Louisiana
October 10, 2019, New York, New York
October 22, 2019, Los Angeles, CA
November 5, 2019, London, England
November 7, 2019, London, UK
November 14, 2019, Maritim Hotel, Berlin
December 3-5, 2019, Vienna, Austria
December 3, 2019, New York, New York
March 16-18, 2020, Embassy Suites, Denver, Colorado
May 18-20, 2020, Irving Convention Center, Dallas, TX
All Upcoming Live Events