Clint Collabs: Netflix’s Scott Behrens on the Difficulty of Building a Useful Paved Road & Where to Start

October 11th, 2024

The Netflix security team has built quite the reputation in the security industry by sharing many conference talks, blog posts, and open source tools over the years.

Scott Behrens has been at Netflix for 11 years, seeing the security team grow from a handful of people to well over 100, and is the the strategic tech lead for all of Security, Privacy, and Risk at Netflix.

In this recording, Scott will share his both strategic and tactical lessons learned in building a highly effectively, scalable, modern security program, including:

  • What are some gotchas if you’re trying to build a Paved Road at your company? What are the landmines to watch out for?

  • What should you work on first as a security hire?

  • How do you validate that your Paved Road / security control guarantees actually do what you expect them to? (Hint: There’s actually a lot of subtlety here)

For each, Scott shares concrete examples from his experience.

Clint Gibler
Semgrep
Head of Security Research & Founder of tl;dr sec