Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Netflix Open Sources Internal Threat Monitoring Tools

timothy posted about 2 months ago | from the how-they-watch-you-watching-them dept.

Open Source 20

alphadogg (971356) writes Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services. "Many security teams need to stay on the lookout for Internet-based discussions, posts and other bits that may be of impact to the organizations they are protecting," wrote Andy Hoernecke and Scott Behrens of Netflix's Cloud Security Team. One of the tools, called Scumblr, can be used to create custom searches of Google sites, Twitter and Facebook for users or keywords.

cancel ×

20 comments

Sorry! There are no comments related to the filter you selected.

We should all do this (0)

Anonymous Coward | about 2 months ago | (#47771343)

I am the NSA

Re:We should all do this (1)

davester666 (731373) | about 2 months ago | (#47771839)

Unfortunately, the NSA is the threat, and there is nobody monitoring them.

I wonder why they released these. (1)

haruchai (17472) | about 2 months ago | (#47771361)

Does Netflix have a tradition of free / open source software contribs?

Re: I wonder why they released these. (5, Interesting)

bsDaemon (87307) | about 2 months ago | (#47771417)

Their github account has 3 pages worth of stuff and they put a lot back into FreeBSD, too.

Re: I wonder why they released these. (1)

haruchai (17472) | about 2 months ago | (#47771481)

Good to know; nice to see more companies giving back to the opensource community.

I wonder why they released these. (4, Informative)

Anonymous Coward | about 2 months ago | (#47771421)

Yes. They just keep releasing one neat tool after the other as open source:
https://github.com/Netflix/

Re:I wonder why they released these. (5, Informative)

CrankyFool (680025) | about 2 months ago | (#47771941)

I work at Netflix (and manage a software development group).

The general approach to OSS can generally be summarized as "if it's not core product (algorithms, recommendations, etc), why haven't you open-sourced it yet?"

It's one of the (very many) nice parts of the job.

Re:I wonder why they released these. (1)

haruchai (17472) | about 2 months ago | (#47771995)

That's great to hear; wish my own company thought that way. We have talented developers but limit them to writing mostly reporting, integration & user interface code and spend megabucks buying commercial software when solid, stable free / open alternatives already exist.

Re:I wonder why they released these. (0)

Anonymous Coward | about 2 months ago | (#47772199)

It's indeed sad that in-house skills are often overlooked and not utilized to their full potential. It's also very de-motivating for the coders.

Linux User Agent (0)

Anonymous Coward | about 2 months ago | (#47772345)

Please, please, please: can you tell me what UA string I should use to Chromium with HTML5 under Linux working reliably with Netflix?

I was using one and it was working beautifully, then Netflix must have chaned the UA detection because it stopped one evening. So I found another one which worked. Then that stopped working last night :-(

I don't really want to go back to the rigmarole of Firefox with Pipelight ...

Re:Linux User Agent (2)

laffer1 (701823) | about 2 months ago | (#47773113)

For all you know, he's on the team that's trying to stop you from using chromium on netflix.

Re:Linux User Agent (0)

Anonymous Coward | about 2 months ago | (#47777845)

The bastard ... I'll work out how to do it to spite him ...

The biggest risk to Netflix (1)

gelfling (6534) | about 2 months ago | (#47771443)

Is Netflix, Amazon AWS and Xbox. Taken together any fucking thing you can imagine will or won't happen.

Netflix in news (1, Interesting)

Comen (321331) | about 2 months ago | (#47771949)

Why is it this is the only article I can really find online about Netflix petitioning the FCC to now allow the Comcast TWC merger?

http://www.engadget.com/2014/08/26/netflix-fcc-petition-time-warner-cable-comcast/

Re:Netflix in news (1)

Guspaz (556486) | about 2 months ago | (#47772055)

Huh? You've linked to an article of Netflix asking for the merger to be blocked.

The three tools (because TFA article is, well...) (4, Informative)

xxxJonBoyxxx (565205) | about 2 months ago | (#47772009)

#1: Scumblr: Ruby-based, web-configured application that allows searching the Internet for sites and content of interest. Includes libraries for sites like Google, Facebook, and Twitter.
#2: Workflowable: Ruby gem that routes different kinds of detections from Scumblr to specific processes.
#3: Sketchy: takes screenshots of web finds for Scumblr.

(I might be a little off, but the Karma gods will surely reward me.)

Only problem is the name (0)

mattr (78516) | about 2 months ago | (#47772935)

Honestly they couldn't change the name before open sourcing it?
I cannot see any company saying oh yeah let's use scumblr. And it might even be a good tool, who knows.
I wouldn't even want to propose it, and my customer actually uses similar systems.

Re:Only problem is the name (1)

ShaunC (203807) | about 2 months ago | (#47773041)

So fork it and rename it to CorporateGoodwillProtector, then suggest that to your customer.

Re:Only problem is the name (3, Informative)

CrankyFool (680025) | about 2 months ago | (#47773055)

It's an artifact of how Netflix does OSS: If you're the engineer who open-sources a product, you're the person who names the product. Sometimes that works better than others :)

Re:Only problem is the name (1)

omems (1869410) | about 2 months ago | (#47774219)

As an end-user and not a marketing weasel, I value non-marketing speak. I especially roll my eyes when companies trademark stupid names and then insist on including the symbol in every instance. (thankfully you won't see that here because I am unable to get this commenting system to reproduce it)
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?