2 Comments

Summary:

Once again, Netflix steps into the fray, open sourcing code it’s used on its own Amazon Web Services implementations so others can avail themselves of it.

netflix security monkey
photo: Netflix

Netflix promised us more monkeys and now it’s delivered yet another member of its Simian Army — the streaming media giant has open-sourced the code for Security Monkey, the tool it has used internally since 2011 to keep tabs on and evaluate security-related changes to its Amazon Web Services configurations.

For years, Netflix, probably AWS’s highest-profile customer, has augmented Amazon’s own services with its own tools and capabilities and has open sourced many of them. Chaos Monkey, which shuts down malfunctioning cloud resources in an orderly way so the application can keep running, has proven very popular, for example.

The Security Monkey which Netflix started using to monitor a limited number of AWS services, has grown to handle Netflix’ growing use of more services. It performs several functions: (1) it keeps tabs on Amazon S3 storage, identity access management (IAM) and EC2 compute workloads to detect and record changes to those configurations; (2) it notifies the designated user or users about those changes; and (3) it follows business rules set to run a configuration and assesses risks associated with that configuration.

Netflix acknowledged that Security Monkey overlaps somewhat with some AWS services that came later — specifically CloudTrail and Trusted Advisor — but said it provides its own unique value.

While CloudTrail “provides verbose data on API calls” it has no sense of state in terms of how a particular configuration item changes over time. Security Monkey fills that gap, according to the Netflix Tech Blog. And Trusted Advisor, a premium (read “paid”) Amazon service runs security checks, but will not allow customers to build their own custom checks, which Security Monkey facilitates.

 

 

 

  1. Reblogged this on Jennifer Yaniz Chicago Internet Marketing and commented:
    Love the Favicon for the Security Monkey!

    Reply Share
  2. Barb,

    ” Chaos Monkey, which shuts down malfunctioning cloud resources in an orderly way so the application can keep running,… ”

    Actually … from https://github.com/Netflix/SimianArmy/wiki/Chaos-Monkey
    “Chaos Monkey is a service which identifies groups of systems and randomly terminates one of the systems in a group. ”

    So Chaos Monkey (a monkey that causes chaos) is a testing tool.

    Reply Share