Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
0
370
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
570
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
390
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
270
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
270
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
340
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
340
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
360
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
380
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
280
Other Decks in Technology
See All in Technology
マイクロサービスへの5年間 ぶっちゃけ何をしてどうなったか
joker1007
22
8.3k
AI駆動開発ライフサイクル(AI-DLC)の始め方
ryansbcho79
0
200
Introduce marp-ai-slide-generator
itarutomy
0
140
20251218_AIを活用した開発生産性向上の全社的な取り組みの進め方について / How to proceed with company-wide initiatives to improve development productivity using AI
yayoi_dd
0
730
コールドスタンバイ構成でCDは可能か
hiramax
0
100
Connection-based OAuthから学ぶOAuth for AI Agents
flatt_security
0
400
通勤手当申請チェックエージェント開発のリアル
whisaiyo
3
490
「もしもデータ基盤開発で『強くてニューゲーム』ができたなら今の僕はどんなデータ基盤を作っただろう」
aeonpeople
0
250
20251219 OpenIDファウンデーション・ジャパン紹介 / OpenID Foundation Japan Intro
oidfj
0
520
Amazon Connect アップデート! AIエージェントにMCPツールを設定してみた!
ysuzuki
0
150
2025年のデザインシステムとAI 活用を振り返る
leveragestech
0
360
AI との良い付き合い方を僕らは誰も知らない
asei
0
280
Featured
See All Featured
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
320
BBQ
matthewcrist
89
9.9k
Designing Experiences People Love
moore
143
24k
Odyssey Design
rkendrick25
PRO
0
440
Facilitating Awesome Meetings
lara
57
6.7k
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
signer
PRO
0
3.1k
Visual Storytelling: How to be a Superhuman Communicator
reverentgeek
2
400
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.6k
A brief & incomplete history of UX Design for the World Wide Web: 1989–2019
jct
1
270
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
190
The untapped power of vector embeddings
frankvandijk
1
1.5k
The Cult of Friendly URLs
andyhume
79
6.7k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
joker1007
ryansbcho79
itarutomy
yayoi_dd
hiramax
flatt_security
whisaiyo
aeonpeople
oidfj
ysuzuki
leveragestech
asei
konakalab
matthewcrist
moore
rkendrick25
lara
signer
reverentgeek
bcantrill
jct
tmiket
frankvandijk
andyhume
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}