From Gates to Guardrails - Alternate Approaches to Product Security

Explore a conference talk from LASCON's Rugged DevOps Track that challenges traditional secure development lifecycles. Discover how Netflix approaches product security in the age of DevOps, agile methodologies, cloud computing, and continuous delivery. Learn about practical methods for addressing continuous assessment, regulatory compliance, and team staffing in fast-paced technology environments. Gain insights into Netflix's unique culture, visibility practices, and automated security tools like Security Monkey. Understand the shift from gate-based security models to more dynamic, pragmatic approaches that align with modern development practices and business needs.

Intro
National Recreation Area
Traditional Security Model
Netflix
Speed and Scale
Thesis
Culture
Visibility
Netflix Environment
UI Interoperability
Amazon Region
Netflix Culture
DevOps Culture
Responsible Disclosure Program
Recruiting
Sprints
Security with Operations
Cloud HSM Dashboard
Email Alert Configuration
Chronos
NSA
MimiR
Automation
Security Monkey
Configuration History
Summary
Engagement Model