Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
0
370
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
580
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
390
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
280
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
280
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
340
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
350
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
360
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
390
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
280
Other Decks in Technology
See All in Technology
セキュリティ はじめの一歩
nikinusu
0
1.3k
エンジニアとマネジメントの距離/Engineering and Management
ikuodanaka
3
690
JuliaTokaiとしてはこれが最後かもしれない(仮) for NGK2026S
antimon2
0
130
Meshy Proプラン課金した
henjin0
0
130
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
sansantech
PRO
1
420
人はいかにして 確率的な挙動を 受け入れていくのか
vaaaaanquish
5
3.2k
AI開発をスケールさせるデータ中心の仕組みづくり
kzykmyzw
0
190
制約が導く迷わない設計 〜 信頼性と運用性を両立するマイナンバー管理システムの実践 〜
bwkw
2
470
ファシリテーション勉強中 その場に何が求められるかを考えるようになるまで / 20260123 Naoki Takahashi
shift_evolve
PRO
3
410
ブロックテーマでサイトをリニューアルした話 / 2026-01-31 Kansai WordPress Meetup
torounit
0
230
変化するコーディングエージェントとの現実的な付き合い方 〜Cursor安定択説と、ツールに依存しない「資産」〜
empitsu
4
830
「AIでできますか?」から「Agentを作ってみました」へ ~「理論上わかる」と「やってみる」の隔たりを埋める方法
applism118
14
9k
Featured
See All Featured
Marketing to machines
jonoalderson
1
4.6k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
117
100k
Applied NLP in the Age of Generative AI
inesmontani
PRO
4
2k
Accessibility Awareness
sabderemane
0
45
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
0
310
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.1k
The Invisible Side of Design
smashingmag
302
51k
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
kimpetersen
PRO
0
230
Impact Scores and Hybrid Strategies: The future of link building
tamaranovitovic
0
190
Getting science done with accelerated Python computing platforms
jacobtomlinson
1
110
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
7.9k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
nikinusu
.jpg){kind=avatar}
ikuodanaka
antimon2
henjin0
sansantech
vaaaaanquish
kzykmyzw
bwkw
shift_evolve
torounit
empitsu
applism118
jonoalderson
tanoku
twada
inesmontani
sabderemane
katarinadahlin
irinanazarova
smashingmag
kimpetersen
tamaranovitovic
jacobtomlinson
eileencodes
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}