---
title: "Google Next 2018 security track recap"
author: Jim Thavisouk
author_gitlab: jim-thavisouk
author_twitter: jimwest405
categories: company
image_title: '/images/blogimages/securitygooglenext.jpg'
description: "Here's how one GitLab team-member made the most of the security track at Google Next 2018."
tags: events, google, cloud native, GKE, kubernetes, security
ee_cta: false
twitter_text: "A GitLab team-member's security track recap of #GoogleNext18"
---
Every time someone asks me how I like working at GitLab, I say, "I love it here!"
With our [company culture](/handbook/values), 100 percent [remote workforce](/company/culture/all-remote/), and [growing team](/jobs), it's a pleasure
to work with such a high energy team.
The [security department](/handbook/engineering/security/#security-department)
is continually growing -- very fast! We each have our own specialties and bring a diverse selection
of strong experiences, while working very well together. In my position, I have
been focusing very heavily on policy as code to raise the bar in security here at GitLab. This blog post was inspired by [William Chia](/company/team/#thewilliamchia)'s
[Google Next 2018 recap](/blog/2018/07/27/google-next-2018-recap/). If you haven't read it, I highly recommend it!
## Security highlights of Google Next 2018
### Forseti
I was excited coming into this conference for [Forseti](https://forsetisecurity.org/),
especially with the announcement of
[Forseti 2.0](https://forsetisecurity.org/news/2018/06/11/forseti-2.0-launch.html).
We had a [Forseti Hack Day](https://groups.google.com/a/forsetisecurity.org/forum/#!topic/announce/bHy8QCK_AY0)
that kicked off a day before the actual conference, which allowed me to interact
with Google engineers, product managers, and Forseti customers. For
anyone who missed Forseti's session from [Chris Law](https://www.linkedin.com/in/chrislaw/),
[Michael Capicotto](https://www.linkedin.com/in/mcapicotto/), and
[Marten Van Wezel](https://www.linkedin.com/in/martenvanwezel/), you can check it out
[the recording](https://www.youtube.com/watch?v=4TrlgbV_VlQ). See [the details for joining the discussion here](https://groups.google.com/a/forsetisecurity.org/forum/#!topic/announce/8OSAB7UEzSY).
### Istio
["Istio is platform-independent and designed to run in a variety of environments,
including those spanning Cloud, on-premise, Kubernetes, Mesos, and more."](https://istio.io/docs/concepts/what-is-istio/)
I'm excited to see Istio 1.0, which was just released a few days ago! See [the team's talk](https://youtu.be/eOI2aM9P7-c)
from [Tao Li](https://www.linkedin.com/in/tao-li-1a447935/) and
[Samrat Ray](https://www.linkedin.com/in/samratray/).
### Best practices
Everyone can use best practices. At Forseti Hack Day, I met [Tom Salmon](https://www.linkedin.com/in/tomcsalmon/)
who has vast experience in security. In his [talk](https://www.youtube.com/watch?v=ZQHoC0cR6Qw),
he provides a great knowledge base and reference point to best security practices in GCP.
<%= partial "includes/blog/content-newsletter-cta", locals: { variant: "a" } %>
### Sessions are now live
These were only a few sessions at Google Next, and there are hundreds of others
to check out. You can find them neatly categorized on
[YouTube](https://www.youtube.com/channel/UCTMRxtyHoE3LPcrl-kT4AQQ/playlists?flow=grid&view=50&shelf_id=8).
## We'd love to hear your feedback
We'd love to hear from you on how you use any of these products in your environment.
Our team is currently working very closely with the Forseti team, and I'm sure they
would love to have you join in on the discussion as well. Don't hesitate to
reach out directly to me by email (jthavisouk@gitlab.com) or join any of these groups to keep a dialogue going
about any of these products. We can only help each other in the process.