Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
DevOpsDays GDL
February 21, 2020
Technology
0
380
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
580
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
400
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
300
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
280
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
350
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
360
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
370
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
410
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
280
Other Decks in Technology
See All in Technology
チームメンバー迷わないIaC設計
hayama17
5
3.6k
競争優位を生み出す戦略的内製開発の実践技法
masuda220
PRO
2
530
サンタコンペ2025完全攻略 ~お前らの焼きなましは遅すぎる~
terryu16
1
570
Master Dataグループ紹介資料
sansan33
PRO
1
4.4k
技術的負債の泥沼から組織を救う3つの転換点
nwiizo
4
800
JAWS DAYS 2026 CDP道場 事前説明会 / JAWS DAYS 2026 CDP Dojo briefing document
naospon
0
110
マルチロールEMが実践する「組織のレジリエンス」を高めるための組織構造と人材配置戦略
coconala_engineer
2
260
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.4k
男(監査)はつらいよ - Policy as CodeからAIエージェントへ
ken5scal
5
710
ヘルシーSRE
tk3fftk
2
230
Data Hubグループ 紹介資料
sansan33
PRO
0
2.8k
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
3k
Featured
See All Featured
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
aleyda
1
1.1k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
1.9k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
117
110k
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
4
2.4k
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.8k
KATA
mclloyd
PRO
35
15k
<Decoding/> the Language of Devs - We Love SEO 2024
nikkihalliwell
1
150
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
techseoconnect
PRO
0
110
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
380
How to Talk to Developers About Accessibility
jct
2
140
BBQ
matthewcrist
89
10k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.1k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
SiteGround - Reliable hosting with speed, security, and support you can count on.
devopsdaysgdl
hayama17
masuda220
terryu16
sansan33
nwiizo
naospon
coconala_engineer
ken5scal
tk3fftk
aleyda
reverentgeek
twada
inesmontani
jnunemaker
mclloyd
nikkihalliwell
techseoconnect
chikuwait
jct
matthewcrist
danielanewman
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}