Netflix airs its Dirty Laundry

Netflix has rolled out a new platform which is claimed keep a tab on vulnerabilities and prevent leakage of a company’s confidential data.

Built as part of the ‘Dirty Laundry Project’, the new platform has been built using soon-to-be open source tools and checks for assets of Netflix inadvertently exposed by its staff, The Register noted.

Netflix engineers Scott Behrens and Andy Hoernecke noted that the new platform uses a range of in-house developed tools, with some of them available as open source, that assist in boosting security resistance.

"Maybe a developer screwed something up in a build and left stack traces on, or exposed some sensitive keys," Behrens added.

"Dirty Laundry will give some visibility into that."

The platform, when connected to open source tools from Netflix, such as Monterey, Scumblr and Sketchy, enables each tool to deliver related analysis on a given app.

"We really want to open source it but at the moment it is really reliant on Netflix assets so we will have to make it more generic."

When wrapped in a GUI, the platform will provide management with metrics that display dependencies and security risks of particular apps, code repositories and app owners’ description.

Enterprises will also be able to alter risk settings to reproduce different tolerances.

In addition, work is underway on another platform dubbed ‘Danger, Danger’, which is aimed at flagging vulnerabilities such as Common Vulnerabilities and Exposures (CVE) within libraries to be used by a developer.

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

Favourites

  • Favorite list is empty.
FavoriteLoadingClear favorites

Your favorite posts saved to your browsers cookies. If you clear cookies also favorite posts will be deleted.