Akashdeep Goel, Sriram Rangarajan, and Samuel Fu, Netflix Inc
In this session, we'll discuss a distributed caching system used at Netflix in multiple regions on a public cloud, handling 400 million requests per second and managing 14 petabytes of data. We'll focus on the intricacies of securing this system, including certificate lifecycle management, spurious policy lookup calls, and securing proxy calls for polyglot clients. We will walk you through our debugging journey with tools like CPU profiling and memory dumps, share key takeaways, and demonstrate how these techniques can be applied in any organization. This session will provide valuable lessons on retrofitting high-leverage systems for security compliance and executing global-scale rollouts effectively.
Akashdeep Goel is a Senior Software Engineer at Netflix working on distributed systems handling large scale caching deployments for both streaming and gaming workloads across Netflix. Prior to this, Akashdeep was working on a distributed control plane at Azure CosmosDB (Microsoft) delivering standby and failover infrastructure. Outside of work, he enjoys road trips, playing snooker and exploring different cuisines.
Sriram Rangarajan is a Senior Software Engineer at Netflix, focusing on caching infrastructure. Previously, he worked on ad servers and search functionalities at Unity Technologies and Kamcord, and managed backend solutions at Yahoo and Hewlett Packard. Sriram holds a Master's degree in Computer Science from New York University.
Samuel Fu is a Software Engineer at Netflix working on distributed systems that help enable caching at scale, supporting both VOD and live streaming use cases. Prior to Netflix, Samuel worked on realtime streaming feature pipelines at Lyft, enabling features such as driver bonuses and ETA prediction. Outside of work, he likes to exercise (swimming, tennis), and practice music (cello and piano).
author = {Akashdeep Goel and Sriram Rangarajan and Samuel Fu},
title = {Securing Distributed Cache: Achieving {Secure-by-Default} with Key Challenges \& Insights},
year = {2025},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = mar
}