Distributed Security Alerting

Explore a comprehensive conference talk on distributed security alerting, focusing on Spotify Engineering's approach to integrating security across their organization. Learn about the importance of making all engineers security-conscious, implementing hardening and scanning techniques, and addressing the challenges of managing numerous security alerts. Discover the Comet system's customizable architecture and plugins for efficient alert handling. Gain insights into data-driven security practices, including metrics for security engineering, education, and leadership. Understand the flow of security information and additional benefits of this approach to create a more robust and responsive security infrastructure.

About Us!
About Spotify Engineering
We need security everywhere
About Security Engineering
All Engineers Must Be Security Engineers!
How to do it
Hardening
Scanning!
Examples
Now the security team has lots of alerts
Problems
The Last Mile Problem
Comet
Customizable
Architecture
Plugins
Quick start!
Parser
Hydrator
Router
That's it!
Data Driven Security
Metrics for Security Engineering
Metrics for Security Education
Metrics for Leadership
Red Herrings
What does the flow look like?
What else did we gain