Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
0
380
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
590
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
400
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
300
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
290
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
350
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
360
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
370
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
410
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
290
Other Decks in Technology
See All in Technology
SSoT(Single Source of Truth)で「壊して再生」する設計
kawauso
1
210
Astro Islandsの 内部実装を 「日本で一番わかりやすく」 ざっくり解説!
knj
0
170
FastMCP OAuth Proxy with Cognito
hironobuiga
3
120
スピンアウト講座06_認証系(API-OAuth-MCP)入門
overflowinc
0
670
イベントで大活躍する電子ペーパー名札を作る(その2) 〜 M5PaperとM5PaperS3 〜 / IoTLT @ JLCPCB オープンハードカンファレンス
you
PRO
0
180
Kiroで見直す開発プロセスとAI-DLC
k_adachi_01
0
110
A Casual Introduction to RISC-V
omasanori
0
530
AI時代のオンプレ-クラウドキャリアチェンジ考
yuu0w0yuu
0
200
脳が溶けた話 / Melted Brain
keisuke69
0
250
Phase05_ClaudeCode入門
overflowinc
0
1.3k
事例から紐解くSHIFT流QA支援 ~大規模プロジェクトの品質管理支援、QA組織立ち上げ~ / 20260320 Nozomu Koketsu
shift_evolve
PRO
0
120
Visional 28新卒プロダクト職(エンジニア/デザイナー)向け 会社説明資料 / Visional Company Briefing for Newgrads 28
visional_engineering_and_design
1
110
Featured
See All Featured
[SF Ruby Conf 2025] Rails X
palkan
2
840
Why Mistakes Are the Best Teachers: Turning Failure into a Pathway for Growth
auna
0
92
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
199
73k
How to Talk to Developers About Accessibility
jct
2
160
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
What does AI have to do with Human Rights?
axbom
PRO
1
2k
The untapped power of vector embeddings
frankvandijk
2
1.6k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
650
Into the Great Unknown - MozCon
thekraken
40
2.3k
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
kimpetersen
PRO
0
270
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.8k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
2.5k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
kawauso
knj
hironobuiga
overflowinc
you
k_adachi_01
omasanori
yuu0w0yuu
keisuke69
shift_evolve
visional_engineering_and_design
palkan
auna
soudai
jct
wjessup
axbom
frankvandijk
baasie
thekraken
kimpetersen
honnibal
garrettdimon
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}