SlideShare a Scribd company logo

From Gates to Guardrails: Alternate Approaches to Product Security

Jason Chan
Jason Chan

1. Jason Chan, an engineering director at Netflix, gave a presentation about product security approaches at Netflix. 2. Netflix has an agile development culture with over 200 daily production pushes across 1000+ supported devices in 40 countries. This results in a need for security approaches that can handle Netflix's scale and speed. 3. Netflix employs approaches like visibility into security-related data, automation through over 1000 tests, and an immutable server pattern to enable security in their fast-paced, cloud-based environment.

TechnologyBusiness
1 of 37
From Gates to Guardrails: Alternate Approaches to Product Security LASCON 2013 Jason Chan chan@netflix.com
About Me •  Engineering Director @ Netflix: –  Security: Product, App, Ops, IR, etc. •  Previously: –  Led security team @ VMware –  Consultant - @stake, iSEC Partners
About Netflix
AGILE/CD/CLOUD/DEVOPS CHARACTERISTICS
SAFELY HANDLING SPEED & SCALE
Netflix Environment •  •  •  •  •  •  ~200 production pushes/day 40m+ subscribers Support for 1000+ devices Service in 40+ countries Concurrent delivery from 3 AWS regions ~1/3 of US download bandwidth at peak
CULTURE
Recruiting Infrastructure/Systems/ Cloud AppSec Development Monitoring & Response Online Operations
Waiting, working, Easy planning and complete reporting Per-user filters
VISIBILITY
Dashboards for Security Data Sub- Services and Dashboards Dashboards for Regional SecurityDrill-down Relevant Events for Key Services and Lookback
Meaningful subject Alert configuration What to do? Useful links for more data Embedded graph
Access to changes by app, region, environment, etc. Lookback in time as needed
Chat integration lets engineers easily access info
App name Jenkins (CI) job Currently running clusters by region/ environment
Cluster ID Deployment details AMI version SCM commit
Link to relevant JIRA(s) Modified files Source diffs
AUTOMATION
1000+ tests to compare proposed vs. existing
AWS components
Configuration history Details (rules)
ImmutableServer Pattern •  “ . . . a server that once deployed, is never modified, merely replaced with a new updated instance.” –  http://martinfowler.com/bliki/ ImmutableServer.html
Wrapping Up •  Cloud/DevOps/Agile/CD are transformative (for org & security) •  Orgs embracing tend to deal in speed and scale •  Look to culture, visibility, and automation as security enablers in these environments
Summary Meeting’s Over – Questions?
Netflix Links •  http://techblog.netflix.com •  http://netflix.github.io/#repo •  http://www.slideshare.net/netflix
Photo Credits •  •  •  •  •  •  •  •  Conzelman Road: http://www.california-travels.com/2012/05/04/pointbonita-lighthouse/ Canary: http://www.lafebervet.com/avian-medicine-list/basicinformation-sheets-for-the-canary/ Visibility: http://photography.nationalgeographic.com/wallpaper/ photography/photo-tips/city-photos/golden-gate-bridge-fog/ Scale: http://www.livestockscales.info/ Guinea fowl: http://danrouthphotography.blogspot.com/2009/07/ running-bird.html Culture Club: http://www.last.fm/music/Culture+Club/This+Time:+The +First+Four+Years Babou: http://wildstar-central.com/index.php?threads/extaticaswallpapers-post-my-1200-post-_.4400/ Derek: http://www.fastcocreate.com/3016905/kindness-is-the-newirony-ricky-gervais-on-bringing-an-unlikely-hero-to-netflix-with-derek

Recommended

apidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformable
apidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformableapidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformable
apidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformable
apidays
 
Zero Trust
Zero TrustZero Trust
Zero Trust
Boaz Shunami
 
apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...
apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...
apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...
apidays
 
Onfido: Data-Driven Product Management at Scale
Onfido: Data-Driven Product Management at ScaleOnfido: Data-Driven Product Management at Scale
Onfido: Data-Driven Product Management at Scale
Amazon Web Services
 
Retail Banking Trends book 2022
Retail Banking Trends book 2022Retail Banking Trends book 2022
Retail Banking Trends book 2022
Capgemini
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
Guido Marchetti
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern
 
Top Trends in Payments 2022
Top Trends in Payments 2022Top Trends in Payments 2022
Top Trends in Payments 2022
Capgemini
 

Recommended

apidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformable
apidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformableapidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformable
apidays London 2022 - The State of Banking APIs 2022, Mark Boyd, Platformable
apidays
 
Zero Trust
Zero TrustZero Trust
Zero Trust
Boaz Shunami
 
apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...
apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...
apidays LIVE Singapore - Open Banking: A foundation for the new world by Bhar...
apidays
 
Onfido: Data-Driven Product Management at Scale
Onfido: Data-Driven Product Management at ScaleOnfido: Data-Driven Product Management at Scale
Onfido: Data-Driven Product Management at Scale
Amazon Web Services
 
Retail Banking Trends book 2022
Retail Banking Trends book 2022Retail Banking Trends book 2022
Retail Banking Trends book 2022
Capgemini
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
Guido Marchetti
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern
 
Top Trends in Payments 2022
Top Trends in Payments 2022Top Trends in Payments 2022
Top Trends in Payments 2022
Capgemini
 
NIST Zero Trust Explained
NIST Zero Trust ExplainedNIST Zero Trust Explained
NIST Zero Trust Explained
rtp2009
 
Chase Bank Digital Strategy
Chase Bank Digital Strategy Chase Bank Digital Strategy
Chase Bank Digital Strategy
Sierra Resovsky
 
How salesforce is using salesforce for driving demand b2b marketing that sale...
How salesforce is using salesforce for driving demand b2b marketing that sale...How salesforce is using salesforce for driving demand b2b marketing that sale...
How salesforce is using salesforce for driving demand b2b marketing that sale...
Salesforce - Sweden, Denmark, Norway
 
Embedded Finance - the $7 Trillion market opportunity
Embedded Finance - the $7 Trillion market opportunityEmbedded Finance - the $7 Trillion market opportunity
Embedded Finance - the $7 Trillion market opportunity
Simon Torrance
 
Bot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation CapabilityBot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation Capability
Akamai Developers & Admins
 
Zipline-dmuzzin-CompanyPreso
Zipline-dmuzzin-CompanyPresoZipline-dmuzzin-CompanyPreso
Zipline-dmuzzin-CompanyPreso
Dominic Muzzin
 
F88 pitch deck
F88 pitch deckF88 pitch deck
F88 pitch deck
Tech in Asia
 
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Akamai Technologies
 
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdfFintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Erlang Solutions
 
The future of banking
The future of bankingThe future of banking
The future of banking
Barbara Biro
 
Digital reference architecture in hybrid cloud
Digital reference architecture in hybrid cloudDigital reference architecture in hybrid cloud
Digital reference architecture in hybrid cloud
Davide Veronese
 
(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion
Pitch Decks
 
Digital Bank: What and How
Digital Bank: What and HowDigital Bank: What and How
Digital Bank: What and How
Ivano Digital
 
Digital Lending
Digital LendingDigital Lending
Digital Lending
Aguai Solutions Pvt Ltd
 
Anfin pitch deck
Anfin pitch deckAnfin pitch deck
Anfin pitch deck
Tech in Asia
 
Eric Littman (elittman) Company Presentation - Instacart
Eric Littman (elittman) Company Presentation - InstacartEric Littman (elittman) Company Presentation - Instacart
Eric Littman (elittman) Company Presentation - Instacart
EricLittman3
 
Lincode pitch deck
Lincode pitch deckLincode pitch deck
Lincode pitch deck
Tech in Asia
 
Thrive with accenture product and platform engineering services
Thrive with accenture product and platform engineering servicesThrive with accenture product and platform engineering services
Thrive with accenture product and platform engineering services
Accenture Technology
 
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacksFendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
Venkat Chandra ("VC")
 
Digital Banking Strategy Roadmap - 3.24.15
Digital Banking Strategy Roadmap - 3.24.15Digital Banking Strategy Roadmap - 3.24.15
Digital Banking Strategy Roadmap - 3.24.15
Calvin Turner
 
Resilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleResilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and Scale
Jason Chan
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services Security
Jason Chan
 

More Related Content

What's hot

NIST Zero Trust Explained
NIST Zero Trust ExplainedNIST Zero Trust Explained
NIST Zero Trust Explained
rtp2009
 
Chase Bank Digital Strategy
Chase Bank Digital Strategy Chase Bank Digital Strategy
Chase Bank Digital Strategy
Sierra Resovsky
 
How salesforce is using salesforce for driving demand b2b marketing that sale...
How salesforce is using salesforce for driving demand b2b marketing that sale...How salesforce is using salesforce for driving demand b2b marketing that sale...
How salesforce is using salesforce for driving demand b2b marketing that sale...
Salesforce - Sweden, Denmark, Norway
 
Embedded Finance - the $7 Trillion market opportunity
Embedded Finance - the $7 Trillion market opportunityEmbedded Finance - the $7 Trillion market opportunity
Embedded Finance - the $7 Trillion market opportunity
Simon Torrance
 
Bot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation CapabilityBot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation Capability
Akamai Developers & Admins
 
Zipline-dmuzzin-CompanyPreso
Zipline-dmuzzin-CompanyPresoZipline-dmuzzin-CompanyPreso
Zipline-dmuzzin-CompanyPreso
Dominic Muzzin
 
F88 pitch deck
F88 pitch deckF88 pitch deck
F88 pitch deck
Tech in Asia
 
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Akamai Technologies
 
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdfFintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Erlang Solutions
 
The future of banking
The future of bankingThe future of banking
The future of banking
Barbara Biro
 
Digital reference architecture in hybrid cloud
Digital reference architecture in hybrid cloudDigital reference architecture in hybrid cloud
Digital reference architecture in hybrid cloud
Davide Veronese
 
(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion
Pitch Decks
 
Digital Bank: What and How
Digital Bank: What and HowDigital Bank: What and How
Digital Bank: What and How
Ivano Digital
 
Digital Lending
Digital LendingDigital Lending
Digital Lending
Aguai Solutions Pvt Ltd
 
Anfin pitch deck
Anfin pitch deckAnfin pitch deck
Anfin pitch deck
Tech in Asia
 
Eric Littman (elittman) Company Presentation - Instacart
Eric Littman (elittman) Company Presentation - InstacartEric Littman (elittman) Company Presentation - Instacart
Eric Littman (elittman) Company Presentation - Instacart
EricLittman3
 
Lincode pitch deck
Lincode pitch deckLincode pitch deck
Lincode pitch deck
Tech in Asia
 
Thrive with accenture product and platform engineering services
Thrive with accenture product and platform engineering servicesThrive with accenture product and platform engineering services
Thrive with accenture product and platform engineering services
Accenture Technology
 
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacksFendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
Venkat Chandra ("VC")
 
Digital Banking Strategy Roadmap - 3.24.15
Digital Banking Strategy Roadmap - 3.24.15Digital Banking Strategy Roadmap - 3.24.15
Digital Banking Strategy Roadmap - 3.24.15
Calvin Turner
 

What's hot (20)

NIST Zero Trust Explained
NIST Zero Trust ExplainedNIST Zero Trust Explained
NIST Zero Trust Explained
 
Chase Bank Digital Strategy
Chase Bank Digital Strategy Chase Bank Digital Strategy
Chase Bank Digital Strategy
 
How salesforce is using salesforce for driving demand b2b marketing that sale...
How salesforce is using salesforce for driving demand b2b marketing that sale...How salesforce is using salesforce for driving demand b2b marketing that sale...
How salesforce is using salesforce for driving demand b2b marketing that sale...
 
Embedded Finance - the $7 Trillion market opportunity
Embedded Finance - the $7 Trillion market opportunityEmbedded Finance - the $7 Trillion market opportunity
Embedded Finance - the $7 Trillion market opportunity
 
Bot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation CapabilityBot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation Capability
 
Zipline-dmuzzin-CompanyPreso
Zipline-dmuzzin-CompanyPresoZipline-dmuzzin-CompanyPreso
Zipline-dmuzzin-CompanyPreso
 
F88 pitch deck
F88 pitch deckF88 pitch deck
F88 pitch deck
 
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
 
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdfFintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
Fintech_Trends_for_2022_report_by_Erlang_Solutions.pdf
 
The future of banking
The future of bankingThe future of banking
The future of banking
 
Digital reference architecture in hybrid cloud
Digital reference architecture in hybrid cloudDigital reference architecture in hybrid cloud
Digital reference architecture in hybrid cloud
 
(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion(Pitch Deck): How FTX raised over $1 billion
(Pitch Deck): How FTX raised over $1 billion
 
Digital Bank: What and How
Digital Bank: What and HowDigital Bank: What and How
Digital Bank: What and How
 
Digital Lending
Digital LendingDigital Lending
Digital Lending
 
Anfin pitch deck
Anfin pitch deckAnfin pitch deck
Anfin pitch deck
 
Eric Littman (elittman) Company Presentation - Instacart
Eric Littman (elittman) Company Presentation - InstacartEric Littman (elittman) Company Presentation - Instacart
Eric Littman (elittman) Company Presentation - Instacart
 
Lincode pitch deck
Lincode pitch deckLincode pitch deck
Lincode pitch deck
 
Thrive with accenture product and platform engineering services
Thrive with accenture product and platform engineering servicesThrive with accenture product and platform engineering services
Thrive with accenture product and platform engineering services
 
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacksFendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
FendBend.AI Digital Claims Admin Fintech (Insurtech) Business Pitch @DVHacks
 
Digital Banking Strategy Roadmap - 3.24.15
Digital Banking Strategy Roadmap - 3.24.15Digital Banking Strategy Roadmap - 3.24.15
Digital Banking Strategy Roadmap - 3.24.15
 

Viewers also liked

Resilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleResilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and Scale
Jason Chan
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services Security
Jason Chan
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security Automation
Jason Chan
 
Splitting the Check on Compliance and Security
Splitting the Check on Compliance and SecuritySplitting the Check on Compliance and Security
Splitting the Check on Compliance and Security
Jason Chan
 
Defending Netflix from Abuse
Defending Netflix from AbuseDefending Netflix from Abuse
Defending Netflix from Abuse
Jason Chan
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
Jason Chan
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
Jason Chan
 
Practical Cloud Security
Practical Cloud SecurityPractical Cloud Security
Practical Cloud SecurityJason Chan
 
Practical Security Automation
Practical Security AutomationPractical Security Automation
Practical Security Automation
Jason Chan
 
Careers in Security
Careers in SecurityCareers in Security
Careers in Security
Jason Chan
 
Real World Cloud Application Security
Real World Cloud Application SecurityReal World Cloud Application Security
Real World Cloud Application SecurityJason Chan
 
Resilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedResilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons Learned
Jason Chan
 
Security at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at YahooSecurity at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at Yahoo
Alex Stamos
 
Cloud Security at Netflix
Cloud Security at NetflixCloud Security at Netflix
Cloud Security at NetflixJason Chan
 
Analyze System and Code Interactions
Analyze System and Code InteractionsAnalyze System and Code Interactions
Analyze System and Code Interactions
Qualcomm Developer Network
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
Jason Chan
 
Cloud Security @ Netflix
Cloud Security @ NetflixCloud Security @ Netflix
Cloud Security @ Netflix
Jason Chan
 
Ibm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinalIbm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinalaspyker
 
Re:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS IntegrationRe:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS Integration
aspyker
 
Netflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search RoadshowNetflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search Roadshow
Adrian Cockcroft
 

Viewers also liked (20)

Resilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and ScaleResilience and Compliance at Speed and Scale
Resilience and Compliance at Speed and Scale
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services Security
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security Automation
 
Splitting the Check on Compliance and Security
Splitting the Check on Compliance and SecuritySplitting the Check on Compliance and Security
Splitting the Check on Compliance and Security
 
Defending Netflix from Abuse
Defending Netflix from AbuseDefending Netflix from Abuse
Defending Netflix from Abuse
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
 
Practical Cloud Security
Practical Cloud SecurityPractical Cloud Security
Practical Cloud Security
 
Practical Security Automation
Practical Security AutomationPractical Security Automation
Practical Security Automation
 
Careers in Security
Careers in SecurityCareers in Security
Careers in Security
 
Real World Cloud Application Security
Real World Cloud Application SecurityReal World Cloud Application Security
Real World Cloud Application Security
 
Resilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedResilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons Learned
 
Security at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at YahooSecurity at Scale - Lessons from Six Months at Yahoo
Security at Scale - Lessons from Six Months at Yahoo
 
Cloud Security at Netflix
Cloud Security at NetflixCloud Security at Netflix
Cloud Security at Netflix
 
Analyze System and Code Interactions
Analyze System and Code InteractionsAnalyze System and Code Interactions
Analyze System and Code Interactions
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
 
Cloud Security @ Netflix
Cloud Security @ NetflixCloud Security @ Netflix
Cloud Security @ Netflix
 
Ibm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinalIbm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinal
 
Re:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS IntegrationRe:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS Integration
 
Netflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search RoadshowNetflix Global Applications - NoSQL Search Roadshow
Netflix Global Applications - NoSQL Search Roadshow
 

Similar to From Gates to Guardrails: Alternate Approaches to Product Security

Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
MarketingArrowECS_CZ
 
Netflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open SourceNetflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open Source
aspyker
 
iWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience SolutioniWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience Solution
xband
 
Introduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell HallIntroduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell Hall
Amazon Web Services
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
Amazon Web Services
 
Deep dive into service fabric after 2 years
Deep dive into service fabric after 2 yearsDeep dive into service fabric after 2 years
Deep dive into service fabric after 2 years
Tomasz Kopacz
 
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
Amazon Web Services Korea
 
Cisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud PlatformCisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud Platform
Shashi Kiran
 
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frogWebinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
QualiQuali
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion segura
RogerChaucaZea
 
SplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT Breakout
Splunk
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA Automation
Cisco Canada
 
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
Amazon Web Services
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web Systems
InnoTech
 
AWS Summit Atlanta Keynote
AWS Summit Atlanta KeynoteAWS Summit Atlanta Keynote
AWS Summit Atlanta Keynote
Kristana Kane
 
Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...
Amazon Web Services
 
Understanding the Cloud Stack
Understanding the Cloud StackUnderstanding the Cloud Stack
Understanding the Cloud Stack
RapidScale
 
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Amazon Web Services
 
Cloud computing ppt.
Cloud computing ppt.Cloud computing ppt.
Cloud computing ppt.
abhishekdayal001
 

Similar to From Gates to Guardrails: Alternate Approaches to Product Security (20)

Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud Infrastructure
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
 
Netflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open SourceNetflix Cloud Architecture and Open Source
Netflix Cloud Architecture and Open Source
 
iWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience SolutioniWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience Solution
 
Introduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell HallIntroduction to the AWS Cloud – Russell Hall
Introduction to the AWS Cloud – Russell Hall
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
 
Deep dive into service fabric after 2 years
Deep dive into service fabric after 2 yearsDeep dive into service fabric after 2 years
Deep dive into service fabric after 2 years
 
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
4. aws enterprise summit seoul 기존 엔터프라이즈 it 솔루션 클라우드로 이전하기 - thomas park
 
Cisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud PlatformCisco ACI for the Microsoft Cloud Platform
Cisco ACI for the Microsoft Cloud Platform
 
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frogWebinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
Webinar leveraging-cloud-sandboxes-with-ansible-jenkins-j frog
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion segura
 
SplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT Breakout
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA Automation
 
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
You Can't Protect What you Can't See. AWS Security Best Practices - Session S...
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web Systems
 
AWS Summit Atlanta Keynote
AWS Summit Atlanta KeynoteAWS Summit Atlanta Keynote
AWS Summit Atlanta Keynote
 
Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...
 
Understanding the Cloud Stack
Understanding the Cloud StackUnderstanding the Cloud Stack
Understanding the Cloud Stack
 
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
Don’t Fly Blind – Gain AWS Visibility to Ensure Security and Optimise Operati...
 
Cloud computing ppt.
Cloud computing ppt.Cloud computing ppt.
Cloud computing ppt.
 

Recently uploaded

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

From Gates to Guardrails: Alternate Approaches to Product Security