
Several days ago, Netflix quietly released the AWS Security Monkey. This tool allows systems administrators to harden the security on their Amazon cloud using the same tools that Netflix uses in its AWS cloud that reaches millions of end users.
Netflix’s blog mentions, “At Netflix, responsibility for delivering the streaming service is distributed and the environment is constantly changing. Code is deployed thousands of times a day, and cloud configuration parameters are modified just as frequently. To understand and manage the risk associated with this velocity, the security team needs to understand how things are changing and how these changes impact our security posture.”
Netflix goes on to say that it first developed Security Monkey back in 2011. The interface started out simple, but as Netflix began expanding into more and more AWS datacenters, the interface became more robust. Netflix mentions that Security Monkey performs a few high-level tasks that are broken down into three categories that they have dubbed Watcher, Notifier and Auditor. These functions work together to monitor changes in your AWS cloud infrastructure. The Auditor follows behind the Watcher and Notifier and compares configurations to built-in rules that help raise a flag if something is insecurely configured.
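The Watcher, Notifier and Auditor split described above can be sketched in a few lines of Python. This is an added example, not Security Monkey's own code: the function names, the snapshot format and the "open to the internet" rule are assumptions made for illustration, and the sample data is constructed.

```python
import json

# Constructed snapshots of security-group-like items (not real AWS output).
BEFORE = {
    "sg-web": {"ingress": [{"port": 443, "cidr": "0.0.0.0/0"}]},
    "sg-db": {"ingress": [{"port": 5432, "cidr": "10.0.0.0/16"}]},
}
AFTER = {
    "sg-web": {"ingress": [{"port": 443, "cidr": "0.0.0.0/0"}]},
    "sg-db": {"ingress": [{"port": 5432, "cidr": "0.0.0.0/0"}]},
    "sg-admin": {"ingress": [{"port": 22, "cidr": "0.0.0.0/0"}]},
}

def watch(before, after):
    """Watcher: return {name: (old, new)} for items created, deleted or changed."""
    changes = {}
    for name in sorted(set(before) | set(after)):
        old, new = before.get(name), after.get(name)
        # Compare canonical JSON so key order does not register as a change.
        if json.dumps(old, sort_keys=True) != json.dumps(new, sort_keys=True):
            changes[name] = (old, new)
    return changes

def notify(changes):
    """Notifier: one human-readable line per detected change."""
    lines = []
    for name, (old, new) in changes.items():
        kind = "created" if old is None else "deleted" if new is None else "modified"
        lines.append(f"{name}: {kind}")
    return lines

# Hypothetical rule input: ports that may be reachable from any address.
PUBLIC_OK = {80, 443}

def audit(config):
    """Auditor: flag ingress open to 0.0.0.0/0 on ports outside PUBLIC_OK."""
    issues = []
    for name, item in sorted(config.items()):
        for rule in item["ingress"]:
            if rule["cidr"] == "0.0.0.0/0" and rule["port"] not in PUBLIC_OK:
                issues.append((name, rule["port"]))
    return issues

if __name__ == "__main__":
    for line in notify(watch(BEFORE, AFTER)):
        print("CHANGE", line)
    for name, port in audit(AFTER):
        print("ISSUE ", f"{name}: port {port} open to the internet")
```

Note that the unchanged `sg-web` item produces no change notice, while the audit still evaluates every item in the current snapshot.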
Netflix’s blog goes into more detail about this process. The blog also notes many future enhancements the platform plans to take on. Many of these enhancements sound exciting and promising, such as the ability to compare configurations across regions and CloudTrail integration for granular auditing details.
If you’re ready to dig into Security Monkey, the application is listed on GitHub for you to download. If you’d like to know more about Security Monkey and you plan on being in the San Jose area on August 20th at 6:30PM PST, you can stop by the Netflix Open Source Platform Meetup, which will be held at 100 Winchester Circle, Los Gatos, CA.