Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Netflix Releases Internally Developed Security Tools

Netflix has released two applications used by the company’s security team to monitor the Web for potential threats.

Netflix has released two applications used by the company’s security team to monitor the Web for potential threats.

Just like other major companies, Netflix constantly analyzes online discussions and posts that might present an interest to its security team. For example, hackers could be planning on launching a distributed denial-of-service (DDoS) attack against its servers. If they are discussing their plans on a social media platform or on a forum, the company could learn of the attack and prevent it from causing any damage.

Two of the security-related applications used by Netflix’s security team are Scumblr and Sketchy, which the company released on Monday as open source.

Scumblr, a Web app developed in Ruby on Rails, enables users to search the Internet for content of interest. Its built-in plugins are designed for searches on seven popular websites, including Google, Facebook and Twitter. However, new plugins can easily be created for manual or automatic searches on other sites, the company said.

“Scumblr leverages a gem called Workflowable (which we are also open sourcing) that allows setting up flexible workflows that can be associated with search results,” Andy Hoernecke and Scott Behrens of the Netflix Cloud Security Team explained in a blog post. “These workflows can be customized so that different types of results go through different workflow processes depending on how you want to action them. Workflowable also has a plug-in architecture that allows triggering custom automated actions at each step of the process.”

Scumblr is designed to work together with Sketchy, which takes screenshots and collects text from websites. This can be prove useful because some of the results found by Scumblr could be on malicious sites. By using the two applications together, security analysts can view the content they’re looking for without putting themselves at risk.

Advertisement. Scroll to continue reading.

“Although a variety of tools and frameworks exist for taking screenshots, we discovered a number of edge cases that made taking reliable screenshots difficult – capturing screenshots from AJAX-heavy sites, cut-off images with virtual X drivers, and SSL and compression issues in the PhantomJS driver for Selenium, to name a few,” Hoernecke and Behrens said.

Sketchy, which can be used through an API, addresses all these issues. The tool is capable of saving HTML, capturing screenshots and scraping text, all of which can be stored locally or in the cloud (AWS S3 bucket).

In order to allow users to scale Sketchy for capturing data from large websites, Netflix developers have relied on the Celery task management system. As for AJAX-heavy websites, PhantomJS with “lazy-rendering” is leveraged to ensure that the content is captured correctly.

Scumblr, Sketchy and Workflowable are available on Netflix’s page on GitHub.

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Sherrod DeGrippo has been appointed Head of Threat Intelligence for Palo Alto Networks Unit 42.

Christopher Porter has joined Booz Allen Hamilton as Global Chief Information Security Officer.

Yael Ben Arie has joined exposure validation company Pentera as Chief Product Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.