--- title: "Google Next 2018 security track recap" author: Jim Thavisouk author_gitlab: jim-thavisouk author_twitter: jimwest405 categories: company image_title: '/images/blogimages/securitygooglenext.jpg' description: "Here's how one GitLab team-member made the most of the security track at Google Next 2018." tags: events, google, cloud native, GKE, kubernetes, security ee_cta: false twitter_text: "A GitLab team-member's security track recap of #GoogleNext18" --- Every time someone asks me how I like working at GitLab, I say, "I love it here!" With our [company culture](/handbook/values), 100 percent [remote workforce](/company/culture/all-remote/), and [growing team](/jobs), it's a pleasure to work with such a high energy team. The [security department](/handbook/engineering/security/#security-department) is continually growing -- very fast! We each have our own specialties and bring a diverse selection of strong experiences, while working very well together. In my position, I have been focusing very heavily on policy as code to raise the bar in security here at GitLab. This blog post was inspired by [William Chia](/company/team/#thewilliamchia)'s [Google Next 2018 recap](/blog/2018/07/27/google-next-2018-recap/). If you haven't read it, I highly recommend it! ## Security highlights of Google Next 2018 ### Forseti I was excited coming into this conference for [Forseti](https://forsetisecurity.org/), especially with the announcement of [Forseti 2.0](https://forsetisecurity.org/news/2018/06/11/forseti-2.0-launch.html). We had a [Forseti Hack Day](https://groups.google.com/a/forsetisecurity.org/forum/#!topic/announce/bHy8QCK_AY0) that kicked off a day before the actual conference, which allowed me to interact with Google engineers, product managers, and Forseti customers. For anyone who missed Forseti's session from [Chris Law](https://www.linkedin.com/in/chrislaw/), [Michael Capicotto](https://www.linkedin.com/in/mcapicotto/), and [Marten Van Wezel](https://www.linkedin.com/in/martenvanwezel/), you can check it out [the recording](https://www.youtube.com/watch?v=4TrlgbV_VlQ). See [the details for joining the discussion here](https://groups.google.com/a/forsetisecurity.org/forum/#!topic/announce/8OSAB7UEzSY). ### Istio ["Istio is platform-independent and designed to run in a variety of environments, including those spanning Cloud, on-premise, Kubernetes, Mesos, and more."](https://istio.io/docs/concepts/what-is-istio/) I'm excited to see Istio 1.0, which was just released a few days ago! See [the team's talk](https://youtu.be/eOI2aM9P7-c) from [Tao Li](https://www.linkedin.com/in/tao-li-1a447935/) and [Samrat Ray](https://www.linkedin.com/in/samratray/). ### Best practices Everyone can use best practices. At Forseti Hack Day, I met [Tom Salmon](https://www.linkedin.com/in/tomcsalmon/) who has vast experience in security. In his [talk](https://www.youtube.com/watch?v=ZQHoC0cR6Qw), he provides a great knowledge base and reference point to best security practices in GCP. <%= partial "includes/blog/content-newsletter-cta", locals: { variant: "a" } %> ### Sessions are now live These were only a few sessions at Google Next, and there are hundreds of others to check out. You can find them neatly categorized on [YouTube](https://www.youtube.com/channel/UCTMRxtyHoE3LPcrl-kT4AQQ/playlists?flow=grid&view=50&shelf_id=8). ## We'd love to hear your feedback We'd love to hear from you on how you use any of these products in your environment. Our team is currently working very closely with the Forseti team, and I'm sure they would love to have you join in on the discussion as well. Don't hesitate to reach out directly to me by email (jthavisouk@gitlab.com) or join any of these groups to keep a dialogue going about any of these products. We can only help each other in the process.