Netflix open sources security meta search tools

Video-on-demand giant Netflix has made available two security tools under open source licensing that allow security teams to scan common sites for emerging security threats, the company said.

Scumblr.

Netflix cloud security team members Andy Hoernecke and Scott Behrens said in a blog post that the threat intelligence tools were created to keep an eye out on Internet-based discussions and posts, as well as other bits of information that could have an impact on the organisations.

The first, Scumblr, uses the Workflowable Ruby on Rails gem to create custom workflows that can be matched with different processes and actions as required.

The main Scumblr application lets security teams search the Internet through a set of built in libraries for popular sites such as Google, Facebook and Twitter. Searches can run manually or be scheduled to take place automatically.

Scumblr search result with Sketchy screenshot

Scumblr integrates with the Sketchy screenshot and text scraper tool from malicious sites, without security analysts having to visit these themselves and put them at risk.

Both tools are open source, the security team said, along with the Workflowable RoR gem.

As part of its Simian Army set of Monkey and Gorilla tools to test the robustness and reliability of the Netflix platform on Amazon's Web Services (AWS), the video delivery network made available the Security Monkey tool in June this year.

This open source tool monitors and analyses the security of Netflix AWS configurations, looking for changes and erroneous settings that could create unnecessary or even dangerous risks, Netflix said.