SlideShare a Scribd company logo

Resilience and Compliance at Speed and Scale

Jason Chan, profile picture
Jason Chan

The document discusses Netflix's approach to resilience and compliance at scale through automation. It describes common traditional controls like change approval boards and centralized deployments that don't work for Netflix given its culture of freedom and responsibility and need for rapid innovation. Netflix uses automated "Simian Army" monkeys like Chaos Monkey that cause random failures to test resilience. It also uses tools giving visibility into who made changes and their testing/approval to achieve compliance objectives in a decentralized way without slowing innovation.

Technology
1 of 54
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
Resilience and Compliance at Speed and Scale ISACA SV Spring Conference Jason Chan chan@netflix.com linkedin.com/in/jasonbchan @chanjbs
About Me  Engineering Director @ Netflix:  Security: product, app, ops, IR, fraud/abuse  Previously:  Led infosec team @ VMware  Consultant - @stake, iSEC Partners
About Netflix
Common Approaches to Reslience
Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Designed to standardize on design patterns, vendors, etc.  Problems for Netflix:  Freedom and Responsibility Culture  Highly aligned and loosely coupled  Innovation cycles
Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Designed to control and de- risk change  Focus on artifacts, test and rollback plans  Problems for Netflix:  Freedom and Responsibility Culture  Highly aligned and loosely coupled  Innovation cycles
Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Separate Ops team deploys at a pre-ordained time (e.g. weekly, monthly)  Problems for Netflix:  Freedom and Responsibility Culture  Highly aligned and loosely coupled  Innovation cycles
Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  High reliance on vendor solutions to provide HA and resilience  Problems for Netflix:  Traditional data center oriented systems do not translate well to the cloud  Heavy use of open source
Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Designed for repeatable execution  Problems for Netflix:  Reliance on humans
Approaches to Resilience @ Netflix
What does the business value?  Customer experience  Innovation and agility  In other words:  Stability and availability for customer experience  Rapid development and change to continually improve product and outpace competition  Not that different from anyone else
Overall Approach  Understand and solve for relevant failure modes  Rely on automation and tools, not humans or committees  Make no assumptions that planned controls will work  Provide train tracks and guardrails, but invite deviation
Resilience and Compliance at Speed and Scale
Goals of Simian Army “Each system has to be able to succeed, no matter what, even all on its own. We’re designing each distributed system to expect and tolerate failure from other systems on which it depends.” http://techblog.netflix.com/2010/12/5-lessons-weve-learned-using-aws.html
Systems fail
Resilience and Compliance at Speed and Scale
Chaos Monkey  “By frequently causing failures, we force our services to be built in a way that is more resilient.”  Terminates cluster nodes during business hours  Rejects “If it ain’t broke, don’t fix it”  Goals:  Simulate random hardware failures, human error at small scale  Identify weaknesses  No service impact
Lots of systems fail
Resilience and Compliance at Speed and Scale
Chaos Gorilla  Chaos Monkey’s bigger brother  Standard deployment pattern is to distribute load/systems/data across three data centers (AZs)  What happens if one is lost?  Goals:  Simulate data center loss, hardware/service failures at larger scale  Identify weaknesses, dependencies, etc.  Minimal service impact
What about larger catastrophes?
Resilience and Compliance at Speed and Scale
Chaos Kong  Simulate an entire region (US west coast, US east coast) failing  For example – hurricane, large winter storm, earthquake, etc.  Goals:  Exercise end-to-end large-scale failover (routing, DNS, scaling up)
The sick and wounded
Resilience and Compliance at Speed and Scale
Latency Monkey  Distributed systems have many upstream/downstream connections  How fault-tolerant are systems to dependency failure/slowdown?  Goals:  Simulate latencies and error codes, see how a service responds  Survivable services regardless of dependencies
Outliers and rebels
Resilience and Compliance at Speed and Scale
Conformity Monkey  Without architecture review, how do you ensure designs leverage known successful patterns?  Conformity Monkey provides automated analysis for pattern adherence  Goals:  Evaluate deployment modes (data center distribution)  Evaluate health checks, discoverability, versions of key libraries  Help ensure service has best chance of successful operation
Cruft, junk, and clutter
Resilience and Compliance at Speed and Scale
Janitor Monkey  Clutter accumulates, in the form of:  Complexity  Vulnerabilities  Cost  Janitor identifies unused resources and reaps them to save money and reduce exposure  Goals:  Automated hygiene  More freedom for engineers to innovate and move fast
Non-Simian Approaches  Org model  Engineers write, deploy, support code  Culture  De-centralized with as few processes and rules as possible  Lots of local autonomy  “If you’re not failing, you’re not trying hard enough”  Peer pressure  Productive and transparent incident reviews
Software Deployment for Compliance-Sensitive Apps
Control Objectives for Software Deployments Visibility and transparency  Who did what, when?  What was the scope of the change or deployment?  Was it reviewed?  Was it tested?  Was it approved? Typically attempted via:  Restricted access/SoD  CMDBs  Change management processes  Test results  Change windows
Large and Dynamic Systems Need a Different Approach  No operations organization  No acceptable windows for downtime  Thousands of deployments and changes per day
Control Objectives Haven’t Changed Visibility and transparency  Who did what, when?  What was the scope of the change or deployment?  Was it reviewed?  Was it tested?  Was it approved?
System-wide view on changes
Access to changes by app, region, environment, etc. Lookback in time as needed
Changes, via email
When? By who? What changed?
Integrated awareness
Chat integration lets engineers easily access info
Automated testing
Resilience and Compliance at Speed and Scale
1000+ tests to compare proposed vs. existing Automated scoring and deployment decision
Complete view of deployment lifecycle
Jenkins (CI) job App name Currently running clusters by region/environm ent
Cluster ID Deployment details AMI version SCM commit
Modified files Source diffs Link to relevant JIRA(s)
Resilience and Compliance at Speed and Scale
Takeaway  Control objectives have not changed, but advantages of new technologies and operational models dictate updated approaches
Netflix References  http://netflix.github.com  http://techblog.netflix.com  http://slideshare.net/netflix
Questions? chan@netflix.com

More Related Content

PPTX
Resilience and Security @ Scale: Lessons Learned
Jason Chan
 
PPTX
Cloud Application Security: Lessons Learned
Jason Chan
 
PDF
From Gates to Guardrails: Alternate Approaches to Product Security
Jason Chan
 
PPTX
Splitting the Check on Compliance and Security
Jason Chan
 
KEY
Cloud Security at Netflix
Jason Chan
 
PDF
The Joy of Proactive Security
Andy Hoernecke
 
PDF
DevSecOps: Taking a DevOps Approach to Security
Alert Logic
 
PPTX
Integrating Security into DevOps
CloudPassage
 
Resilience and Security @ Scale: Lessons Learned
Jason Chan
 
Cloud Application Security: Lessons Learned
Jason Chan
 
From Gates to Guardrails: Alternate Approaches to Product Security
Jason Chan
 
Splitting the Check on Compliance and Security
Jason Chan
 
Cloud Security at Netflix
Jason Chan
 
The Joy of Proactive Security
Andy Hoernecke
 
DevSecOps: Taking a DevOps Approach to Security
Alert Logic
 
Integrating Security into DevOps
CloudPassage
 

What's hot (15)

PDF
Security at the Speed of Software Development
DevOps.com
 
PDF
Proactive Security AppSec Case Study
Andy Hoernecke
 
PPTX
Overcoming Security Challenges in DevOps
Alert Logic
 
PDF
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
CloudPassage
 
PPTX
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
Shannon Lietz
 
PPTX
Cloud Security Essentials 2.0 at RSA
Shannon Lietz
 
PPTX
ISACA Ireland Keynote 2015
Shannon Lietz
 
PPTX
DevOps In Azure: Deliver Value With Automation
Utkarsh Pandey
 
PDF
Chaos Engineering and Systems Reliability
Sylvain Hellegouarch
 
PPTX
Shared Security Responsibility for the Azure Cloud
Alert Logic
 
PPTX
DevSecCon KeyNote London 2015
Shannon Lietz
 
PPTX
Azure Security Center
Udaiappa Ramachandran
 
PPTX
DevSecOps - CrikeyCon 2017
kieranjacobsen
 
PPTX
CSS17: Atlanta - Realities of Security in the Cloud
Alert Logic
 
PDF
Managed Threat Detection & Response for AWS Applications
Alert Logic
 
Security at the Speed of Software Development
DevOps.com
 
Proactive Security AppSec Case Study
Andy Hoernecke
 
Overcoming Security Challenges in DevOps
Alert Logic
 
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
CloudPassage
 
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
Shannon Lietz
 
Cloud Security Essentials 2.0 at RSA
Shannon Lietz
 
ISACA Ireland Keynote 2015
Shannon Lietz
 
DevOps In Azure: Deliver Value With Automation
Utkarsh Pandey
 
Chaos Engineering and Systems Reliability
Sylvain Hellegouarch
 
Shared Security Responsibility for the Azure Cloud
Alert Logic
 
DevSecCon KeyNote London 2015
Shannon Lietz
 
Azure Security Center
Udaiappa Ramachandran
 
DevSecOps - CrikeyCon 2017
kieranjacobsen
 
CSS17: Atlanta - Realities of Security in the Cloud
Alert Logic
 
Managed Threat Detection & Response for AWS Applications
Alert Logic
 
Ad

Viewers also liked (20)

PDF
Amazon Web Services Security
Jason Chan
 
PDF
The Psychology of Security Automation
Jason Chan
 
PPTX
Defending Netflix from Abuse
Jason Chan
 
PPTX
Cloud Application Security: Lessons Learned
Jason Chan
 
PDF
Practical Cloud Security
Jason Chan
 
PDF
Practical Security Automation
Jason Chan
 
PDF
Careers in Security
Jason Chan
 
KEY
Real World Cloud Application Security
Jason Chan
 
PDF
Security at Scale - Lessons from Six Months at Yahoo
Alex Stamos
 
PDF
Analyze System and Code Interactions
Qualcomm Developer Network
 
PPTX
Virtualization: Security and IT Audit Perspectives
Jason Chan
 
PDF
Cloud Security @ Netflix
Jason Chan
 
PPTX
Ibm cloud nativenetflixossfinal
aspyker
 
PPTX
Re:invent 2016 Container Scheduling, Execution and AWS Integration
aspyker
 
PDF
Netflix Global Applications - NoSQL Search Roadshow
Adrian Cockcroft
 
PDF
Netflix Cloud Platform and Open Source
aspyker
 
PDF
Netflix OSS Meetup Season 4 Episode 4
aspyker
 
KEY
AWS Security: A Practitioner's Perspective
Jason Chan
 
PPTX
Netflix Webkit-Based UI for TV Devices
Matt McCarthy
 
PDF
Netflix and Containers: Not A Stranger Thing
aspyker
 
Amazon Web Services Security
Jason Chan
 
The Psychology of Security Automation
Jason Chan
 
Defending Netflix from Abuse
Jason Chan
 
Cloud Application Security: Lessons Learned
Jason Chan
 
Practical Cloud Security
Jason Chan
 
Practical Security Automation
Jason Chan
 
Careers in Security
Jason Chan
 
Real World Cloud Application Security
Jason Chan
 
Security at Scale - Lessons from Six Months at Yahoo
Alex Stamos
 
Analyze System and Code Interactions
Qualcomm Developer Network
 
Virtualization: Security and IT Audit Perspectives
Jason Chan
 
Cloud Security @ Netflix
Jason Chan
 
Ibm cloud nativenetflixossfinal
aspyker
 
Re:invent 2016 Container Scheduling, Execution and AWS Integration
aspyker
 
Netflix Global Applications - NoSQL Search Roadshow
Adrian Cockcroft
 
Netflix Cloud Platform and Open Source
aspyker
 
Netflix OSS Meetup Season 4 Episode 4
aspyker
 
AWS Security: A Practitioner's Perspective
Jason Chan
 
Netflix Webkit-Based UI for TV Devices
Matt McCarthy
 
Netflix and Containers: Not A Stranger Thing
aspyker
 
Ad

Similar to Resilience and Compliance at Speed and Scale (20)

PPTX
Enterprise DevOps: Scaling Build, Deploy, Test, Release
IBM UrbanCode Products
 
PPTX
Dev ops developer (session 3)
MSDEVMTL
 
PPTX
Continuous Delivery and Continuous Agile by Andy Singleton - Agile Maine Day...
agilemaine
 
PPTX
Implementing a testing strategy
Daniel Giraldo
 
PPTX
Use DevOps to Respond Faster to End Customers
Info-Tech Research Group
 
PDF
From Monoliths to Microservices at Realestate.com.au
evanbottcher
 
PPT
Risk Driven Testing
Jorge Boria
 
PDF
Continuous delivery
Masas Dani
 
PDF
Andy singleton continuous delivery-fcb - nov 2014
Brad Power
 
ODP
Best practice adoption (and lack there of)
John Pape
 
PPTX
ალექსანდრე ნემსაძე - Release it
unihack
 
PPTX
Enterprise DevOps
Microsoft Visual Studio
 
PPT
Anti Patterns Siddhesh Lecture2 Of3
Siddhesh Bhobe
 
PDF
DevOps Roadshow - removing barriers between development and operations
Microsoft Developer Norway
 
PPTX
Large scale agile development practices
Skills Matter
 
PDF
Raise the Bar! Reloaded
Codemotion
 
PDF
Raise the bar! Reloaded
Alessandro Franceschi
 
PDF
Encontrando la Aguja en el Rendimiento de Aplicaciones
Software Guru
 
PPTX
Curiosity Software Presents: Modelling for Continuous Testing
Curiosity Software Ireland
 
PDF
No Devops Without Continuous Testing
Parasoft
 
Enterprise DevOps: Scaling Build, Deploy, Test, Release
IBM UrbanCode Products
 
Dev ops developer (session 3)
MSDEVMTL
 
Continuous Delivery and Continuous Agile by Andy Singleton - Agile Maine Day...
agilemaine
 
Implementing a testing strategy
Daniel Giraldo
 
Use DevOps to Respond Faster to End Customers
Info-Tech Research Group
 
From Monoliths to Microservices at Realestate.com.au
evanbottcher
 
Risk Driven Testing
Jorge Boria
 
Continuous delivery
Masas Dani
 
Andy singleton continuous delivery-fcb - nov 2014
Brad Power
 
Best practice adoption (and lack there of)
John Pape
 
ალექსანდრე ნემსაძე - Release it
unihack
 
Enterprise DevOps
Microsoft Visual Studio
 
Anti Patterns Siddhesh Lecture2 Of3
Siddhesh Bhobe
 
DevOps Roadshow - removing barriers between development and operations
Microsoft Developer Norway
 
Large scale agile development practices
Skills Matter
 
Raise the Bar! Reloaded
Codemotion
 
Raise the bar! Reloaded
Alessandro Franceschi
 
Encontrando la Aguja en el Rendimiento de Aplicaciones
Software Guru
 
Curiosity Software Presents: Modelling for Continuous Testing
Curiosity Software Ireland
 
No Devops Without Continuous Testing
Parasoft
 

Recently uploaded (20)

PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
KodekX | Application Modernization Development
KodekX
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Encapsulation theory and applications.pdf
gurumoop
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Approach and Philosophy of On baking technology
30anthuong17
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 

Resilience and Compliance at Speed and Scale

  • 1. Resilience and Compliance at Speed and Scale ISACA SV Spring Conference Jason Chan chan@netflix.com linkedin.com/in/jasonbchan @chanjbs
  • 2. About Me  Engineering Director @ Netflix:  Security: product, app, ops, IR, fraud/abuse  Previously:  Led infosec team @ VMware  Consultant - @stake, iSEC Partners
  • 5. Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Designed to standardize on design patterns, vendors, etc.  Problems for Netflix:  Freedom and Responsibility Culture  Highly aligned and loosely coupled  Innovation cycles
  • 6. Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Designed to control and de- risk change  Focus on artifacts, test and rollback plans  Problems for Netflix:  Freedom and Responsibility Culture  Highly aligned and loosely coupled  Innovation cycles
  • 7. Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Separate Ops team deploys at a pre-ordained time (e.g. weekly, monthly)  Problems for Netflix:  Freedom and Responsibility Culture  Highly aligned and loosely coupled  Innovation cycles
  • 8. Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  High reliance on vendor solutions to provide HA and resilience  Problems for Netflix:  Traditional data center oriented systems do not translate well to the cloud  Heavy use of open source
  • 9. Common Controls to Promote Resilience  Architectural committees  Change approval boards  Centralized deployments  Vendor-specific, component- level HA  Standards and checklists  Designed for repeatable execution  Problems for Netflix:  Reliance on humans
  • 11. What does the business value?  Customer experience  Innovation and agility  In other words:  Stability and availability for customer experience  Rapid development and change to continually improve product and outpace competition  Not that different from anyone else
  • 12. Overall Approach  Understand and solve for relevant failure modes  Rely on automation and tools, not humans or committees  Make no assumptions that planned controls will work  Provide train tracks and guardrails, but invite deviation
  • 14. Goals of Simian Army “Each system has to be able to succeed, no matter what, even all on its own. We’re designing each distributed system to expect and tolerate failure from other systems on which it depends.” http://techblog.netflix.com/2010/12/5-lessons-weve-learned-using-aws.html
  • 17. Chaos Monkey  “By frequently causing failures, we force our services to be built in a way that is more resilient.”  Terminates cluster nodes during business hours  Rejects “If it ain’t broke, don’t fix it”  Goals:  Simulate random hardware failures, human error at small scale  Identify weaknesses  No service impact
  • 20. Chaos Gorilla  Chaos Monkey’s bigger brother  Standard deployment pattern is to distribute load/systems/data across three data centers (AZs)  What happens if one is lost?  Goals:  Simulate data center loss, hardware/service failures at larger scale  Identify weaknesses, dependencies, etc.  Minimal service impact
  • 21. What about larger catastrophes?
  • 23. Chaos Kong  Simulate an entire region (US west coast, US east coast) failing  For example – hurricane, large winter storm, earthquake, etc.  Goals:  Exercise end-to-end large-scale failover (routing, DNS, scaling up)
  • 24. The sick and wounded
  • 26. Latency Monkey  Distributed systems have many upstream/downstream connections  How fault-tolerant are systems to dependency failure/slowdown?  Goals:  Simulate latencies and error codes, see how a service responds  Survivable services regardless of dependencies
  • 29. Conformity Monkey  Without architecture review, how do you ensure designs leverage known successful patterns?  Conformity Monkey provides automated analysis for pattern adherence  Goals:  Evaluate deployment modes (data center distribution)  Evaluate health checks, discoverability, versions of key libraries  Help ensure service has best chance of successful operation
  • 30. Cruft, junk, and clutter
  • 32. Janitor Monkey  Clutter accumulates, in the form of:  Complexity  Vulnerabilities  Cost  Janitor identifies unused resources and reaps them to save money and reduce exposure  Goals:  Automated hygiene  More freedom for engineers to innovate and move fast
  • 33. Non-Simian Approaches  Org model  Engineers write, deploy, support code  Culture  De-centralized with as few processes and rules as possible  Lots of local autonomy  “If you’re not failing, you’re not trying hard enough”  Peer pressure  Productive and transparent incident reviews
  • 34. Software Deployment for Compliance-Sensitive Apps
  • 35. Control Objectives for Software Deployments Visibility and transparency  Who did what, when?  What was the scope of the change or deployment?  Was it reviewed?  Was it tested?  Was it approved? Typically attempted via:  Restricted access/SoD  CMDBs  Change management processes  Test results  Change windows
  • 36. Large and Dynamic Systems Need a Different Approach  No operations organization  No acceptable windows for downtime  Thousands of deployments and changes per day
  • 37. Control Objectives Haven’t Changed Visibility and transparency  Who did what, when?  What was the scope of the change or deployment?  Was it reviewed?  Was it tested?  Was it approved?
  • 39. Access to changes by app, region, environment, etc. Lookback in time as needed
  • 46. 1000+ tests to compare proposed vs. existing Automated scoring and deployment decision
  • 47. Complete view of deployment lifecycle
  • 48. Jenkins (CI) job App name Currently running clusters by region/environm ent
  • 52. Takeaway  Control objectives have not changed, but advantages of new technologies and operational models dictate updated approaches
  • 53. Netflix References  http://netflix.github.com  http://techblog.netflix.com  http://slideshare.net/netflix