Stranger Things: Data Driven Incident Forecasting

Presented at Diana Initiative 2019, Aug. 10, 2019, 9:30 a.m. (30 minutes)

The Netflix Detection and Response Team (D&R) has grown out of the unique Netflix culture and technology stacks. We seek to make our team central to a learning security organization while buying down risk across a broad range of known and unknown threats. To achieve this, we are leveraging big-data-related concepts to predict incident workload and look for trends over time. In this talk, we will show how we used Pandas and Seaborn in Python to uncover patterns and trends in our security incident data, and how to create a forecast of future incidents using Prophet. The goal of the talk is to give the audience insights into what we learned and how we are applying this data to grow our incident response capabilities through engineering and new approaches, as opposed to large multi-tiered SOCs with linear staffing requirements.

Presenters:

  • Shannon Morrison - Senior Security Engineer at Netflix
    Shannon Morrison is a Senior Security Engineer at Netflix, where she builds data-driven detections. Previously, she was a data scientist building anomaly detection models and a container-based machine learning platform at a Fortune 50 insurance company. She also held a variety of roles supporting Splunk Enterprise Security, firewalls, and other infrastructure and security tools.
  • Swathi Joshi - Senior Technical Program Manager - Response at Netflix
    Swathi Joshi is a Senior Technical Program Manager on the Security Incident Response Team at Netflix, where she works on advancing the crisis management program and maturing the incident response function. Previously she worked at Mandiant as an Engagement Manager and as an Escalations Manager, managing and solving the most critical technical efficiency and detection efficacy issues. She also held a variety of roles at different organizations as Associate Director of Information Security, Security Engineer and Security Analyst.
