February 13, 2023

Travis McPeak, Co-founder & CEO

Guardrails and Paved Roads

In conversation with Jason Chan

Cloud resources are complex! Engineers in cloud-first environments often struggle to provision simple cloud resources that meet their company’s standards, best practices, and requirements. Many organizations introduce central teams (i.e., Platform, DevOps) to help developers get cloud resources set up the way they need. Unfortunately, these teams quickly get buried in ops. There’s a lot of friction to what should be a quick process, but companies tolerate the ops load and slowness because it’s critical to get cloud resources configured correctly and securely from the beginning.

Data shows that misconfigurations are responsible for 90-99% of cloud security breaches. Today, the primary market focus within cloud security is on scanners, which reactively indicate when a misconfiguration is detected. The problem is that by the time you’re alerted to misconfigurations, it’s too late. You have to fix it with cloud vulnerability management, and as an industry, we’re just not good at it. 

In Netflix Information Security, we faced many of these problems, and the best solution was paved roads. Paved roads create a win-win, where developers get what they need quickly with self-service, and the central teams that support them avoid the ops load and ensure correct configurations from the beginning. Paved roads provide other benefits, including resource ownership attribution and safe change management.

In the video above, Jason Chan (former VP of Security at Netflix) discusses paved roads for security, where the concept originated, and how they were effective at Netflix. 

Watch Jason’s interview to learn:

Resourcely logo, letter R formed of geometrical shapes in soft colors

Let's get you ruling
your own resources

Your cloud resource powers are about to get stronger:
  • Define resource templates  and patterns
  • Create secure and conformant resources by default
  • Track resource ownership
  • Automate approvals and workflows
< Back
Get in touch

Thank you for reaching out,

expect a reply from someone on our team in your inbox soon.
😔 Oh no! Seems like something went wrong while submitting the form, please try again later.