Netflix releases desktop versions of device security app Stethoscope

New WAF attack timelines show the start and end of a threat.
No more logs. See how →

In early 2017, the Netflix team open sourced Stethoscope, an application that collects information about users’ devices and provides them with recommendations for securing them.

At the time, the app was web-based, and checked devices for things like enabled disk encryption, firewall, screen lock, automatic updates (and whether the OS and various software is up-to-date), and installed security tools.

The app still checks for all that and a few other things (e.g., whether remote login is enabled or disabled), but Windows 10 and macOS users now have the option of installing a desktop app.

netflix stethoscope

Stethoscope features

The Stethoscope app promotes good security configurations for desktop and laptop computers, but it does not force the users to do anything: it simply provides them with actionable information on how to make their devices more secure.

“The app is built with a default policy, which specifies recommended OS versions and security settings: disk encryption, screensaver password, no remote login, etc. When you open the app, it will run the osquery device queries, evaluate the results against the policy, and show instructions for any recommended actions. This will work as a standalone checklist, without needing to report any data to a central server. In fact, it doesn’t even require internet connectivity.”

The app does not run as root, has no elevated privileges, and does not make any of the changes it recommends.

“This respects the user’s ownership of their device settings, but also has the benefit of not adding risk of settings being changed maliciously via the app,” they pointed out.

To minimize impact on device performance, the native app does not do continual scanning.

Plans for the future

The team is also working on a native mobile app, written with React Native.

The initial web-based Stethoscope app also tests devices to show whether they have been rooted/jailbroken, so I think we can expect this in the mobile app.

Stethoscope can be used by individuals, but it’s primarily meant to be deployed by organizations to hopefully improve the security of the enterprise and personal devices used by their employees.

“We hope that other organizations find the Stethoscope app to be a useful tool, and we welcome contributions and opportunities for collaboration,” one of the developers added in the announcement.

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.