Scott Behrens
@HelloArbit
Technical Director of Security Engineering at @Netflix. Previously Appsec builder/breaker. Spend free time writing music and weightlifting
You might like
Excited to share a blogpost Melodie and I have been working on for a while on the benefit of building Neurodiverse Information Security teams. netflixtechblog.medium.com/embracing-neur…
I wrote some strategies for how to be an ally for people managing ADHD in the workplace: link.medium.com/Bibs9k8tbY. Please give it a read and let me know your thoughts!
I can't believe I'm an hour into trying to get a very permissive CSP policy setup and I am still stuck in violation hell. I empathize with all the developers I've ever asked to set this up. Totally different errors and useful debug information in FF/Chrome debugging this as well.
Stoked to moderate a #DevSecOps panel at @AppSecCali- @frgx Director of Security Engr @Dropbox, @astha_singhal AppSec Engr Manager @netflix, @dugdep Director of ProdSec @datadoghq, John Heasman Deputy CISO @DocuSign, @Divya_Dw Security Engr Manager @Snap appseccalifornia2019.sched.com/event/GS4Z/les…
Verifying myself: I am arbit on Keybase.io. PfJRpyo3a1phSp_IY39CPPoIWmRMF6MIOnD0 / keybase.io/arbit/sigs/PfJ…
"We are now publicly launching our bug bounty program through the Bugcrowd platform to continue improving the security of our products and services while strengthening our relationship with the community." medium.com/netflix-techbl…
Test coverage for Scumblr is happening, currently at: 1196 / 4768 LOC (25.08%) covered! Your contributions will be easier with these tests!
lookup(){ nslookup `echo $1 | awk -F/ '{print $3}'` } #bash put in your bash shell and you now can do >lookup http://<site>.com/whatever
Come join our team!
Want work on projects like Scumblr (github.com/Netflix/Scumblr)? I'm hiring a software eng for Netflix's AppSec team: jobs.netflix.com/jobs/861079
Thanks @OReillyMedia Security for a great conference! For folks who saw our talk, grab Scumblr 2.0.1 here: github.com/Netflix/scumblr
Check out the @NetflixOSS new release of Scumblr 2.0. Grab a copy here: github.com/netflix/scumblr
Exceted to speak at @appsecusa with Andy Hoernecke on Scumblr 2.0 (Dirty Laundry), our soon to be open source tool to automate all things.
Protip: Don't use Timeout with Sidekiq in RoR if you are calling a cli tool that doesn't support timeout, will result in unstable behavior.
Devs: Don't take an appsec pentest personally. Appsec engineers just want to make applications more secure to protect users & stop bad guys.
Released a new build of Sketchy which fixes an issue with workers hanging. If you use it for screenshoting, update! github.com/Netflix/sketchy
Automated web app scanners are struggling with Ajax heavy sites using frameworks like @reactjs and @emberjs. dom navigation/link parsing esp
Tracking XSS propagation over long periods of time w/ Sleepy Puppy? Check out our BurpSuite Extension: techblog.netflix.com/2015/11/sleepy… @NetflixOSS
@tdvsbl or when a dj fades out the song to say something like "yeah" or "uh uh" 5-10 times a song for the entire set.
United States Trends
- 1. Cam Coleman 3,340 posts
- 2. Vandy 5,345 posts
- 3. Iowa 30.2K posts
- 4. Auburn 14.4K posts
- 5. #AEWCollision 3,623 posts
- 6. #UFCVegas111 11.1K posts
- 7. Oregon 40.6K posts
- 8. Dante Moore 3,624 posts
- 9. Ace Austin 1,024 posts
- 10. Wisconsin 18K posts
- 11. Bauer Sharp N/A
- 12. Vanderbilt 4,106 posts
- 13. Heisman 12.3K posts
- 14. Kyle Fletcher N/A
- 15. Bama 9,381 posts
- 16. Indiana 43.5K posts
- 17. Penn State 26.5K posts
- 18. Mendoza 24.9K posts
- 19. #Svengoolie 1,171 posts
- 20. Pavia 2,295 posts
Something went wrong.
Something went wrong.