Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
390
0
Share
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
600
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
410
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
310
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
300
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
360
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
370
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
390
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
420
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
300
Other Decks in Technology
See All in Technology
多角的な視点から見たAGI
terisuke
0
120
大学職員のための生成AI最前線 :最前線を、AIガバナンスとして読み直すためのTips
gmoriki
2
3.6k
AI時代の品質はテストプロセスの作り直し #scrumniigata
kyonmm
PRO
4
1.3k
知ってた?JavaScriptの"正しさ"を検証するテストが5万以上もあること(Test262)
riyaamemiya
1
140
エージェントスキルを作って自分のインプットに役立てよう
tsubakimoto_s
0
540
AI時代に越境し、 組織を変えるQAスキルの正体 / QA Skills for Transforming an Organization
mii3king
5
3.8k
要件定義の精度を高めるための型と生成AIの活用 / Using Types and Generative AI to Improve the Accuracy of Requirements Definition
haru860
0
290
The 7 pitfalls of AI
ufried
0
190
Cortex Codeのコスト見積ヒントご紹介
yokatsuki
0
150
ファインディの事業拡大を支える 拡張可能なデータ基盤へのリアーキテクチャ
hiracky16
0
860
20260428_Product Management Summit_tadokoroyoshiro
tadokoro_yoshiro
15
18k
音声言語モデル手法に関する発表の紹介
kzinmr
0
160
Featured
See All Featured
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.9k
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
marketingsoph
0
140
SEO Brein meetup: CTRL+C is not how to scale international SEO
lindahogenes
1
2.6k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
How Software Deployment tools have changed in the past 20 years
geshan
0
33k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.9k
Writing Fast Ruby
sferik
630
63k
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
287
14k
Utilizing Notion as your number one productivity tool
mfonobong
4
300
Leo the Paperboy
mayatellez
7
1.7k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.8k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
terisuke
gmoriki
kyonmm
riyaamemiya
tsubakimoto_s
mii3king
haru860
ufried
yokatsuki
hiracky16
tadokoro_yoshiro
kzinmr
honnibal
marketingsoph
lindahogenes
caitiem20
geshan
reverentgeek
sferik
iamctodd
stephaniewalter
mfonobong
mayatellez
marktimemedia
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}