Netflix’s Stethoscope was an open-source project for enhancing endpoint security in a user-focused and non-intrusive manner. It was built by the Netflix Security team and deprecated in 2019 when they pivoted to a browser extension and native helper app.
Pareto Security is built on the same concept: a non-intrusive way for your team to understand security and fix their device’s issues on their own. Learn more about us on our homepage.
What was Netflix Stethoscope?
Stethoscope began as a web application developed by the security team at Netflix (repository on GitHub). It was designed to check a device’s security configurations and suggest improvements, such as enabling disk encryption, updating the personal firewall, and ensuring automatic updates.
Stethoscope was implemented gradually within Netflix, integrating with one internal app at a time. This strategy allowed for monitoring changes in security behavior among users. The guiding philosophy behind Stethoscope was to provide context rather than control, empowering users to make informed security decisions without coercion or intimidation.
As they mention in their presentation published on YouTube, the focus was:
- education,
- self-service,
- personalization,
- one place to visit,
- actionable,
- complete the feedback loop (see the result)
While avoiding:
- forced updates,
- company-wide emails,
- information overload,
- “this probably doesn’t apply to me”.
The point was that the user would be educated and guided toward fixing security issues on their device, instead of having their device managed and have settings forced upon them.
In late 2018, they developed a native app for both macOS and Windows.
In 2019 they deprecated the open source app and pivoted to a browser extension.
An alternative to Netflix’s open source Stethoscope
If you’re looking for something similar to Stethoscope, have a look at Pareto Security. Our philosophy is very similar: we don’t want to control (y)our team’s devices, or force settings upon them. We want them to understand the security issues and then fix them on their own.
Example: Filevault (disc encryption) is off
Pareto Security is a native macOS app that does 24 checks recommended by Center for Internet Security benchmark guidelines. Every failed check links to a page that explains exactly how to fix it.
