Reducing Risk of Credential Compromise at Netflix

Recorded on February 26, 2019

Building a secure system is like constructing a good pizza – each individual layer adds flavor that ultimately builds to the perfect bite. At Netflix we have hand-crafted ingredients that by themselves are scrumptious, but when placed together strategically on the crust (read: cloud), constructs a pizza so large that any pizza lover (read: attacker) would be challenged to finish.

Watch this webinar and learn the secret to the sauce that is Netflix Infrastructure Security and how even defensive appsec tooling like Signal Sciences can be used in the mix to be better equipped to start baking pizza in their own kitchen, and leave satisfied.

Find out more on:

  • Netflix’s approach to reduce risk of credential compromise in practice

  • How to achieve right-sized permissions and handling

  • How Netflix puts all the tooling in place to strengthen their security posture





Will Bengtson

Senior Security Engineer, Netflix

Will Bengtson is senior security engineer at Netflix focused on security operations and tooling. Prior to Netflix, Bengtson led security at a healthcare data analytics startup, consulted across various industries in the private sector, and spent many years in the Department of Defense. Bengtson is on the BSidesSF and Bay Area OWASP leadership team. Bengtson contributes to numerous open source projects and has spoken on topics of security across the world.

James Wickett

Head of Channel Marketing, Signal Sciences

James spends a lot of time at the intersection of the DevOps and Security communities. He works as Head of Research at Signal Sciences and is a supporter of the Rugged Software and Rugged DevOps movements. Seeing the gap in software testing, James founded an open source project, Gauntlt, to serve as a Rugged Testing Framework. He is the author of several security and DevOps courses on Lynda.com and LinkedIn Learning, including: DevOps Fundamentals, Infrastructure Automation, Security Testing, Continuous Delivery, and Site Reliability Engineering.

James is the creator and founder of the Lonestar Application Security Conference which is the largest annual security conference in Austin, TX. He also runs DevOps Days Austin and previously served on the global DevOps Days board. He also holds several security certifications including CISSP and GWAPT.

The world's top companies trust
Signal Sciences.