►
From YouTube: MUX: Adam Brown Interview
Description
Adam Brown talks about how MUX adopted StackRox to secure their environment. He shares a bit about their thought process and results in hopes of helping others.
A
My
name
is
adam
brown,
I'm
the
head
of
infrastructure
and
co-founder
here
at
mux
here
at
mux.
We
are
about
video
streaming,
all
things
so
one
side
of
the
company.
We
have
a
video
analytics
product
that
measures
quality
of
service
data
for
video
publishers
on
the
other
side
of
things,
a
sas
solution
for
online
video
publishing.
A
A
So
security
is
a
big
part
of
our
business
as,
as
is
any
sas
offering
we
feel
like
we
did
a
good
job
of
isolating
things.
You
know
the
standard,
vpc
requirements
and
you
know
subnets
that
are
isolated
from
each
other,
but
there's
still
a
huge
area
that
that
does
not
cover.
In
particular,
you
know
things
like
using
a
lot
of
open
source
software
that
we
don't
necessarily
have
the
time
to
go
and
audit
ourselves.
Additionally,
as
we
launch
this
video
product,
we
are
now
ingesting
random
files
from
people
online.
A
You
never
know,
what's
going
to
be
in
that
thing,
what
that
could
potentially
exploit.
So
that's
a
big
concern
for
us
when
we
started
looking
at
getting
more
serious
about
enhancing
our
security,
we
started
looking
for
solutions
that,
to
be
honest,
were
the
easiest
for
us
to
implement.
So
we
went
looking
specifically
for
security
solutions
that
could
drop
into
kubernetes
deployments
and
cloud
environments
and
provide
us
with
you
know
what
is
our
current
risk
level?
What
ongoing
monitoring-
and
you
know.
A
So,
early
on,
even
when
we
first
implemented
the
poc,
we
were
scanning
our
production
images
and
we
were
very
quickly
able
to
identify.
You
know
a
large
list
of
you
know:
potential
vulnerabilities
in
our
system,
so
a
big
part
of
how
we
felt
zacharox
could
help
us
was
really
identifying
those
risks
and
triaging
them.
A
Basically
allowing
us
to
not
have
to
spend
our
resources
on
going
in
and
finding
what
things
we
should
do
next,
I
think
them
even
more
powerful
to
us,
as
we've
kind
of
you
know,
just
needed
to
move
quickly
and
ship
software
is,
is
really
the
runtime
detection,
so
that
we
can
feel
confident
that
we
know.
If
something
does
happen,
we
can,
you
know,
respond
to
it
and
isolate
it
very
quickly.
A
really
good
example
of
this
that
we
had
very
early
on.
A
I
think
the
first
day
that
we
turned
on
the
it
turned
on
stack,
rocks
into
the
actual
production
environment,
pulled
it
off
like
here's,
the
ui
like
immediately.
The
first
thing
we
see
is
a
a
critical
alert
that
you
know.
One
of
our
containers
has
basically
been
broken
into
and
someone's
running
something
malicious.
Like
well,
what's
going
on
here,
everybody
started
freaking
out
and
one
of
the
engineers
of
the
court
of
zeal
that
that
was
me.
A
So
that
was
one
of
the
things
that
immediately
everyone
in
the
company
could
see
what
the
value
of
this
was
the
biggest.
I
think
important
thing
that
stackers
gives
us
is
you
know
that
peace
of
mind
of
you
know?
We
know
what
our
risk
level
is.
We
know
what
the
potential
vulnerabilities
are
and
we
can
also
be
alerted
when
something
that
we
didn't
plan
for
happens.