Security services that defend against malicious or fraudulent traffic operate in an unpredictable and constantly evolving threat landscape. The dynamic nature of attack traffic means that as attacks evolve, our defenses must evolve too. Existing rules, ML models and/or security configurations may stop being effective with time and would need to be either tuned or deprecated. In the absence of right design decisions, tooling and metrics, the operations component of such services can become tedious, challenging and time consuming. It is important to think about how to build and scale an observability ecosystem alongside such services that fosters agility to respond quickly to emerging threats.
At Netflix, we think deeply about how to build and scale an observability ecosystem for our services. This allows us to continuously observe, learn and adapt our defenses in an evolving threat landscape. In this talk, I will talk about what design choices we made early on during service development that were crucial to scaling operations later on. I will also talk about how we built an observability ecosystem for our services that allowed us to scale operations, improve visibility and accelerate investigations. The audience will walk away with clear articulation of considerations and design ideas for building a defense ecosystem in a continuously evolving threat landscape.
What's the focus of your work these days?
I am a security software engineer on the Customer Trust team at Netflix. I build scalable systems that defend against harmful acts, which have the potential to adversely impact either our users or our service, such as DDoS attacks.
What's the motivation for your session?
I build systems that defend against malicious traffic. I noticed that when you build something new and deploy it, the defenses are very effective initially in blocking bad traffic, and you're doing great. But over time the traffic that you're defending against evolves to evade these defenses. So the effectiveness goes down over time. This leads to increased operational burden. I’ve found myself there in the past and in this talk I wanted to put together all these different concepts that I've encountered over time on how to keep the defenses effective without constantly being in firefighting mode. That's the motivation of the talk.
How would you describe the persona and level of the target audience for your talk?
I think anyone who is interested in learning about building defense systems and also people who actually build such systems will find this talk useful. Engineers who may be struggling in the same space by finding themselves knee-deep in operations with no time to actually improve their service. Some of the concepts that are shared here will help that audience. But I think in general anyone who loves to build scalable systems would find some good takeaways from this talk.
You've touched on this a little bit already, but what would you like the persona to walk away with after watching your presentation? Are there any highlights in particular?
I did mention it a bit before as well, when you start building these systems, you have to think beyond just the core service, just beyond the secret sauce on how to block bad traffic. The secret sauce will be effective initially, but it wouldn't be effective in the long run. So what additional components do you build into your defense ecosystem so that you continue to stay effective? What are some of the things that you can think of doing early on to reduce the operational burden later on? That's what I hope for the audience to take away from this presentation.
Staff Security Software Engineer @Netflix
Aditi Gupta is currently a Staff security software engineer at Netflix where she leads the anti-DDoS efforts and builds scalable services to address the fraud and abuse landscape at Netflix. She holds a PhD from Purdue University in the field of system security and has built several scalable and resilient systems to solve security problems in her previous roles.