Netflix has released two internally developed security applications, Scrumblr and Sketchy, that they use to monitor the Web for potential threats. The company released both applications on Monday as open source.
Scrumblr is a web app developed in Ruby on Rails and enables their users to search the Internet for tailored content of interest. It includes a set of built-in libraries that inclue Facebook, Twitter and Google. Other sites can be monitored by creating plugins. Once you have Scrumblr set up, you can run searches manually or automatically on a recurring basis.
Scrumblr then integrates with Sketchy which allows automatic screenshot generation of results. This means that security analysts can preview Scrumblr search results without actually visiting malicious sites.
Scrumblr also leverages an app called Workflowable that allows setting up specific workflows associated with certain results. Netflix will be open sourcing this in due course.
Andy Hoernecke and Scott Behrens of the Netflix Cloud Security Team explained in a blog post “Scumblr and Sketchy are helping the Netflix security team keep an eye on potential threats to our environment every day. We hope that the open source community can find new and interesting uses for the newest additions to the Netflix Open Source Software initiative.”
Scumblr, Sketchy, and Workflowable are all available on Netflix’s GitHub site.