Netflix launched an open-source security program known as FIDO that automatically identifies and responds to the security risks in the network on Tuesday. Previously, the firm had a more manual and time-consuming method to deal with such problems.
How FIDO works
Netflix defines FIDO as an “orchestration layer that automates the incident response process by evaluating, assessing and responding to malware and other detected threats.” The software functions by first detecting a security incident using its several systems comprising firewalls, IDS and anti-malware programs. After detection, the system automatically collects data regarding the event, such as the machine being attacked, information about the user, etc. In addition, FIDO employs certain internal data sources along with external threat feeds to verify the severity of the incident, the streaming company explains in a blog post.
Based on the data and level of threat, the security program then allocates a score to the event. FIDO then decides on the appropriate action that should be taken. Generally, the system could either deactivate an account or a network port. Moreover, it can also send information to the company’s engineers, who can further investigate the issue.
Netflix working to improve security
Netflix began developing FIDO in 2011 with an aim to speed up the process of fixing security issues that were acknowledged by its Help Desk system. The earlier processes to tackle security threat was manual and very time consuming. Moreover, since more detection systems were being implemented, they amplified the number of alerts for the company’s security teams to examine. Therefore, the company came up with FIDO to respond to minor threats and alerts in a quicker and automated way. Furthermore, as the number of security incidents has grown significantly, the need for an automated system like FIDO has become apparent.
The company reports that it has been using earlier versions of FIDO for the past four years, and claimed that it is planning some improvements over the current version. From the users’ perspective, the company is looking to install an administrative user interface with dashboards along with a support for the enforcement configuration.
Netflix engineers also plan to supplement FIDO with features such as PAN, OpenDNS, and SentinelOne. In addition, given the company has made FIDO open source, users can also recommend ways to make the service better.