Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
DevOpsDays GDL
February 21, 2020
Technology
0
390
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
590
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
400
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
310
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
290
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
360
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
360
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
380
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
420
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
290
Other Decks in Technology
See All in Technology
韓非子に学ぶAI活用術
tomfook
4
1.2k
JAWS DAYS 2026でAIの「もやっと」感が解消された話
smt7174
1
110
TUNA Camp 2026 京都Stage ヒューリスティックアルゴリズム入門
terryu16
0
620
スケーリングを封じられたEC2を救いたい
senseofunity129
0
120
Embeddings : Symfony AI en pratique
lyrixx
0
420
Oracle AI Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
5
1.2k
PostgreSQL 18のNOT ENFORCEDな制約とDEFERRABLEの関係
yahonda
0
150
夢の無限スパゲッティ製造機 #phperkaigi
o0h
PRO
0
400
How to install a gem
indirect
0
1.9k
LLMに何を任せ、何を任せないか
cap120
10
6.2k
BFCacheを活用して無限スクロールのUX を改善した話
apple_yagi
0
130
来期の評価で変えようと思っていること 〜AI時代に変わること・変わらないこと〜
estie
0
120
Featured
See All Featured
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
199
73k
Scaling GitHub
holman
464
140k
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.2k
Google's AI Overviews - The New Search
badams
0
950
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
430
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
1
1.2k
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
250
30 Presentation Tips
portentint
PRO
1
260
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
techseoconnect
PRO
0
90
Noah Learner - AI + Me: how we built a GSC Bulk Export data pipeline
techseoconnect
PRO
0
150
Paper Plane
katiecoart
PRO
0
48k
Color Theory Basics | Prateek | Gurzu
gurzu
0
270
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
tomfook
smt7174
terryu16
senseofunity129
lyrixx
oracle4engineer
yahonda
o0h
indirect
cap120
apple_yagi
estie
soudai
holman
ivargrimstad
badams
chikuwait
aleyda
reverentgeek
portentint
techseoconnect
katiecoart
gurzu
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}