iQoncept - Fotolia
I heard that Netflix released three of its own threat monitoring tools designed to detect emerging security issues on the Web. What do these tools do and can they benefit an enterprise security program? Should my security team be implementing something similar?
Netflix forged a trail for others to follow when it moved to streaming movies across the Internet. The most amazing part of this transition was the technical architecture that Netflix developed as the backbone of the service. It has used a combination of open source operating systems, such as FreeBSD, and cloud services on Amazon to provide the high-performance scaling that a video streaming service would require. The massive scale of the Netflix service has forced the creation of custom technical and security solutions, which it shares with the rest of the world through open source.
Netflix has recently released three new open source security tools for threat monitoring that organizations may want to evaluate. These tools are focused on providing threat intelligence through monitoring social media, search engines and other external Web sources. The primary tool is called Scumblr, which has APIs available for searching Google, Bing, eBay, Pastebin and Twitter, among others. Scumblr can be configured to search for important clues to threat activity, such as compromised credentials, public discussions of identified vulnerabilities and hacking activity. This type of information is crucial for information security professionals and could help prevent damaging attacks before they occur.
The other open source tools released by Netflix -- Sketchy and Workflowable -- could be used independently, but are designed to increase the capabilities of Scumblr. Sketchy was designed to take screenshots of websites once they are identified by Scumblr. It uses a headless WebKit testing tool, PhantomJS, to take screenshots of both static and dynamic webpages. Workflowable is a Ruby gem that can be added to Ruby on Rails as a workflow manager to take other predefined actions after Scumblr has discovered the content. These actions could include administrator notification or other, more direct responses.
Netflix is a media company that has also become an open source technology leader. These three open source security tools are just the tip of the iceberg of the available open source tools that Netflix has shared with the community. Scumblr, Sketchy and Workflowable are great tools that security departments with limited budgets can implement to gain valuable external threat intelligence. This is the open source community model at its best.
Ask the Expert!
Have questions about enterprise security? Send them via email today! (All questions are anonymous.)
Dig Deeper on Open source security tools and software
Related Q&A from Joseph Granneman
The consequences of phishing attacks could fall on the victims as enterprises start to punish employees who fall for this age-old scam. Expert Joseph... Continue Reading
CERT's ITPM certification is designed to help enterprises with their insider threat programs. Expert Joseph Granneman discusses the certification and... Continue Reading
Privileged users pose a growing threat to organizations. Expert Joseph Granneman looks at this insider threat and shares ways to mitigate it. Continue Reading