CB Customer Spotlight: Q&A with Netflix DVD’s Jimmy Sanders

ID CARBONBLACK:0DED0900027713E83D1100904AC6B1EF
Type carbonblack
Reporter Hannah Roy
Modified 2019-04-29T17:30:40


Recently we sat down with Jimmy Sanders, VP of Information Security at Netflix DVD, to talk about his upcoming presentation for CB Connect, Carbon Black’s customer conference. Sanders was one of the headliners at CB Connect 2018, and this year he will be speaking to his peers in the Security Leadership track.

Read on to hear what Sanders plans to talk about and how Carbon Black has influenced the DVD security team.

  • Tell us about Netflix DVD’s process for choosing Carbon Black.
    Before we had Carbon Black we were using traditional antivirus (AV). I reviewed various products, developed an evaluation matrix and did a proof of concept with five to six EDR solutions. Out of everyone we looked at, Carbon Black offered the best value for the DVD division. As a standard, every year we ensure that we are using the most innovative security products and test for the best of the best. For the past five years Carbon Black has stood out to be a great solution for DVD.
  • What is the value you’ve seen since using Carbon Black?
    We originally chose Carbon Black for its endpoint detection and response capabilities, but have since seen the advanced value that detection coupled with prevention can provide us. Carbon Black’s real-time blocking and prevention allows us to create automated responses. We also leverage Carbon Black solutions for their effective threat hunting capabilities, giving us the chance to conduct advance attacker profiling and intelligence enrichment. Carbon Black collects all of our data 24/7, so it is up to the team to make use of it to work more efficiently.

Our biggest value point that we’ve seen since using Carbon Black is endpoint protection automation and Open API’s. Carbon Black is a non-signature-based solution, which means we do not have to worry about zero-day signatures anymore. The technology focuses more on “how is the malware performing?” and not “what is the signature of the malware?” * What are you planning to present at CB Connect this year?
My presentation at Carbon Black’s user conference is called, “Endpoint Nirvana: Two-Way Telemetry to Achieve Internal and External Endpoint Security Parity.” In this presentation, I plan to use Carbon Black’s platform solutions CB Defense and CB ThreatHunter to demonstrate that when you see something happen within your internal environment, you can apply those same logistics in an automated fashion to your endpoint solution no matter where you’re located.

What’s exciting about CB ThreatHunter is that it gives you the ability to do an automatic updated threat list. You can use external information to feed into CB ThreatHunter, and use the APIs in CB Defense to automatically change your policies. I plan to show examples where if a user gets a high-level alert, you can put the machine in a medium or high lockdown mode automatically until you can do further research, and you can use CB ThreatHunter to do that research. Ultimately, you can do all of this through APIs and automation.

In this presentation I want to show fellow security leaders how to leverage Carbon Black within their overall security stack to pivot and take action. * What is your expert advice to other CISOs?
I have two thoughts:

1. If you have not already started automating your stack, you’re already behind the curve. Don’t wait, start to automate the things that you do on a daily basis that can be very repetitive for your team.
2. The reason why I use tools like Carbon Black is because they have open APIs that can integrate with each other. This integration can give you a holistic security solution instead of a single-point security solution.

Want to hear Sanders speak? Click here to register for CB Connect and use BLOG75 for 75% off your conference ticket.

The post CB Customer Spotlight: Q&A with Netflix DVD’s Jimmy Sanders appeared first on Carbon Black.