Scaling Defenses Amidst Evolving Threat Landscape

Security services that defend against malicious or fraudulent traffic operate in an unpredictable and constantly evolving threat landscape. The dynamic nature of attack traffic means that as attacks evolve, our defenses must evolve too. Existing rules, ML models and/or security configurations may stop being effective with time and would need to be either tuned or deprecated. In the absence of right design decisions, tooling and metrics, the operations component of such services can become tedious, challenging and time consuming. It is important to think about how to build and scale an observability ecosystem alongside such services that fosters agility to respond quickly to emerging threats.

At Netflix, we think deeply about how to build and scale an observability ecosystem for our services. This allows us to continuously observe, learn and adapt our defenses in an evolving threat landscape. In this talk, I will talk about what design choices we made early on during service development that were crucial to scaling operations later on. I will also talk about how we built an observability ecosystem for our services that allowed us to scale operations, improve visibility and accelerate investigations. The audience will walk away with clear articulation of considerations and design ideas for building a defense ecosystem in a continuously evolving threat landscape.


Speaker

Aditi Gupta

Staff Security Software Engineer @Netflix

Aditi Gupta is currently a Staff security software engineer at Netflix where she leads the anti-DDoS efforts and builds scalable services to address the fraud and abuse landscape at Netflix. She holds a PhD from Purdue University in the field of system security and has built several scalable and resilient systems to solve security problems in her previous roles.

Read more

Date

Monday Dec 5 / 10:10AM PST ( 50 minutes )

Topics

Security Scaling Defenses Design Choices Service Development Defense Ecosystem

Share

From the same track

Session Security

A Big Dashboard of Problems

Monday Dec 5 / 09:00AM PST

We have all heard "an ounce of prevention is worth a pound of cure" in medicine, but the security industry isn't so sure. This talk explores the forefront of simple and effective preventative strategies.

Speaker image - Travis McPeak

Travis McPeak

Founder and CEO @ResourcelyInc

Session Security

Vulnerability Inbox Zero

Monday Dec 5 / 11:20AM PST

You have a vulnerability problem. You run a scanner. Now you have two problems - vulnerabilities and a mess of scanner results to process.

Speaker image - Alex Smolen

Alex Smolen

Director of Security @LaunchDarkly

Session Security

Privacy-First Re-Architecture

Monday Dec 5 / 12:30PM PST

The tech industry grew organically the last few decades. We built new innovations on top of old. We evolved systems and technologies to meet new challenges. Decisions of the past became assumptions of today.

Speaker image - Nimisha Asthagiri

Nimisha Asthagiri

Principal Consultant @Thoughtworks