Netflix Open Sources Internal Threat Monitoring Tools 20
alphadogg (971356) writes Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services. "Many security teams need to stay on the lookout for Internet-based discussions, posts and other bits that may be of impact to the organizations they are protecting," wrote Andy Hoernecke and Scott Behrens of Netflix's Cloud Security Team. One of the tools, called Scumblr, can be used to create custom searches of Google sites, Twitter and Facebook for users or keywords.
I wonder why they released these. (Score:4, Informative)
Yes. They just keep releasing one neat tool after the other as open source:
https://github.com/Netflix/
Re:I wonder why they released these. (Score:5, Informative)
I work at Netflix (and manage a software development group).
The general approach to OSS can generally be summarized as "if it's not core product (algorithms, recommendations, etc), why haven't you open-sourced it yet?"
It's one of the (very many) nice parts of the job.
The three tools (because TFA article is, well...) (Score:5, Informative)
#1: Scumblr: Ruby-based, web-configured application that allows searching the Internet for sites and content of interest. Includes libraries for sites like Google, Facebook, and Twitter.
#2: Workflowable: Ruby gem that routes different kinds of detections from Scumblr to specific processes.
#3: Sketchy: takes screenshots of web finds for Scumblr.
(I might be a little off, but the Karma gods will surely reward me.)
Re:Only problem is the name (Score:4, Informative)
It's an artifact of how Netflix does OSS: If you're the engineer who open-sources a product, you're the person who names the product. Sometimes that works better than others :)