Enigma 2019 has ended
Back To Schedule
Wednesday, January 30 • 11:30am - 12:00pm
Stethoscope: Securely Configuring Devices without Systems Management

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Insecurely configured endpoints are a major risk for both organizations and individuals, one which is particularly hard to address in an increasingly bring-your-own-device world. Netflix works with hundreds of individual contractors, companies, vendors and other third-parties who need access to corporate data and services. These third-parties often have their own devices which Netflix does not own and cannot control yet must secure.

To address these issues, we developed the Stethoscope native app, a tool which recommends to the user configuration changes to improve the security of their device and optionally allows organizations to verify device configuration at authentication time. The app, designed to avoid the operational burdens and risks of traditional systems management tooling, does not require administrator access, is read-only, and is open-source. It guides users through securely configuring their device while providing the context they need to understand why these changes are important. Incorporating Stethoscope into an endpoint strategy helps provide security without the need to fully control or own devices.


Andrew M. White

Andrew worked on user-focused security and behavioral analytics for anomaly detection at Netflix. He holds a PhD in Computer Science from the University of North Carolina at Chapel Hill; his dissertation dealt primarily with mitigating and exploiting side channels in encrypted network... Read More →

Wednesday January 30, 2019 11:30am - 12:00pm PST
Grand Peninsula Ballroom ABCD