Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services.
“Many
security teams need to stay on the lookout for Internet-based
discussions, posts and other bits that may be of impact to the
organizations they are protecting,” wrote Andy Hoernecke and Scott Behrens of Netflix’s Cloud Security Team.
Data integration is often underestimated and poorly implemented, taking time and resources. Yet it Learn More
+ Also on NetworkWorld:Best/Worst Apple iPhone 6 Design Concepts +
One of the tools, called Scumblr,
can be used to create custom searches of Google sites, Twitter and
Facebook for users or keywords. The searches can be set to run regularly
or be done manually, they wrote.
Scumblr has a component called Workflowable
that can be used to organize and prioritize the results. Workflowable
has a plugin architecture that can be used to set custom triggers for
automated actions, they wrote.
When something of interest is found on a website, another tool called Sketchy takes a screenshot.
“One
of the features we wanted to see in Scumblr was the ability to collect
screenshots and text content from potentially malicious sites,” they
wrote. “This allows security analysts to preview Scumblr results without
the risk of visiting the site directly.”
Scumblr, Sketchy and Workflowable have been released under open-source software licenses on GitHub.
To
be sure, many sophisticated attackers keep their discussions of attacks
on password-protected forums whose visitors are closely vetted by the
site’s operators. But there are also many so-called “hacktivists” who
are less discrete.
Often eager for publicity, those attackers will
use social networking sites such as Twitter to brag or warn of their
campaigns, which could be picked up quickly by Scumblr.
No comments:
Post a Comment