Netflix has published three internal tools it utilizes to capture tips on the net that hackers might target its services.
“Many security teams need to stay on the lookout for Internet-based discussions, posts and other bits that may be of impact to the organizations they are protecting,” said Andy Hoernecke and Scott Behrens of Netflix’s Security Team.
One of the three tools, named Scumblr, enables you to generate custom searches of Google sites, Twitter and Facebook for users or key phrases. The searches might be set to run routinely or be done manually, they wrote.
Scumblr includes a component called Workflowable which can be used to arrange and differentiate the final results. Workflowable has a plugin architecture that can be used to create custom triggers for automatic activities, they added.
When something of interest is found on a website, another tool named Sketchy takes a screenshot.
“One of the features we wanted to see in Scumblr was the ability to collect screenshots and text content from potentially malicious sites,” they stated. “This allows security analysts to preview Scumblr results without the risk of visiting the site directly.”
Scumblr, Sketchy and Workflowable have already been published under open-source software licenses on GitHub.
To be sure, a lot of advanced attackers maintain their conversations of attacks on password-protected forums whose visitors are closely checked out by the site’s operators. But there’s also quite a few who’re less discrete.
Often in need of publicity, those attackers make use of social networks like Twitter to boast or warn of their campaigns, which will be grabbed quickly by Scumblr.