Netflix releases home-grown DDoS detectors

Planning on haxing Netflix? Don't plan it on Facebook

Choosing a cloud hosting partner with confidence

NetFlix's security team has given the open source treatment to three tools it uses to monitor the internet and gather evidence of planned attacks against its infrastructure.

"Scumblr" and "Sketchy", plus the "Workflowable" tool both rely on, are now on GitHub for any security teams to use.

Scumblr sifts through forums and social media networks in search of discussions of possible hacks or denial of service attacks against an organisation using keywords predefined by an administrator. Sketch takes screenshots and scrapes text from sites.

"Scumblr and Sketchy are helping the Netflix security team keep an eye on potential threats to our environment every day," the pair wrote.

Scumblr includes a set of built-in libraries that allow creating searches for common sites like Google, Facebook, and Twitter. For other sites, it is easy to create plugins to perform targeted searches and return results.

"Once you have Scumblr setup, you can run the searches manually or automatically on a recurring basis."


On paper, the Ruby on Rails Scumblr appears to closely resemble existing open source intelligence tools such as Maltego in that it uses plugins to find and pull together information scattered across the internet.

It also uses Netflix's tidy little triage app "Workflowable", which marks incoming intelligence with labels such as part of a current, possible or concluded investigation.

Admins need not visit any of the websites flagged as possible sources for attacks; Sketchy snapshots those sites to avoid possible compromise should they prove to be malicious.

Other apps did the job but fell over when sites became too content-rich, used SSL, or were saturated with AJAX, Netflix security bods Andy Hoernecke and Scott Behrens wrote.

The tools, which can be downloaded here, here, and here, come with seven libraries ready to peruse services including Facebook, Twitter, and Google.

Netflix is releasing its wares to give back to the open source community under its Open Source Software Initiative which kicked off in 2010

Beginner's guide to SSL certificates


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.