2012 ise west_bill_burns
by Bill Burns on Aug 10, 2012
- 544 views
Presented at the ISE West Awards Ceremony, San Francisco August 8, 2012 : http://www.iseprograms.com/west.asp ...
Presented at the ISE West Awards Ceremony, San Francisco August 8, 2012 : http://www.iseprograms.com/west.asp
Bill Burns shares how Netflix is committed to adopt a pure public cloud model, yet many security and compliance controls are not mature or do not exist in that space. Bill and his team created a prioritized, and risk-based approach to migrating existing controls from their datacenters to a global public cloud. One such example has been the migration of a distributed, purely-software Web Application Firewall system to provide basic security and compliance controls. This system protects sensitive customer information and transactions, provides a “single pane of glass” of the entire attack surface (DataCenter + global public cloud), and is compatible both with their traditional and DevOps deployment model. Furthermore, this WAF system is embedded into cloud instance build process, so it’s truly “baked in by default” for any new instances that are spawned. As new Netflix web systems are automatically added to match customer demand throughout the day, this security control is transparently applied to follow the demand curve. The end result is a system that scales equally well in both traditional datacenter and DevOps public cloud environments, and interoperate seamlessly. This provides his team and Netflix a single view of the attack surface that represents the Netflix service.
- Total Views
- Views on SlideShare
- Embed Views