Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
410
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
610
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
420
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
330
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
310
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
370
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
390
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
400
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
430
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
310
Other Decks in Technology
See All in Technology
End-to-Endで考える信頼性 —LINEアプリにおけるクライアント開発×SRE連携の実践
maruloop
4
4.2k
Foxgloveについて 実際にExtensionを開発して公開するまでの話 / About Foxglove: The Story of Developing and Releasing an Extension
ry0_ka
0
230
脱金融のフューチャー・デザイン / Future Design Beyond Finance
ks91
PRO
0
150
地域 SRE コミュニティ最前線 / SRE NEXT 2026 Discussion Night Track C
muziyoshiz
0
220
AIと共生する開発者プラットフォーム:バクラクのモノレポ×マイクロサービス基盤
sakajunquality
2
3.5k
[2026-07-15] AI Ready なはずだったアーキテクチャと、見えてきた課題・次に目指す状態
wxyzzz
6
3.3k
SRE依存からの脱却 運用を開 発チームへ移す、 フルサイ クル開 発体制の実践
joooee0000
0
2.7k
CDKで書くECSのベストプラクティス、 改めて考え直す2026 #cdkconf2026
makies
0
140
ZOZOTOWNの進化と信頼性を両立する負荷試験
zozotech
PRO
2
160
“それは自分の仕事じゃない"を越えて行け
yuukiyo
0
270
ruby.wasmとPicoRuby.wasmに対応した仮想DOMライブラリを作ってる話 #kaigieffect_kaigi
sue445
PRO
0
150
Road to SRE NEXTの今までとこれから
hiroyaonoe
0
310
Featured
See All Featured
The Pragmatic Product Professional
lauravandoore
37
7.4k
Highjacked: Video Game Concept Design
rkendrick25
PRO
1
410
HTML-Aware ERB: The Path to Reactive Rendering @ RubyCon 2026, Rimini, Italy
marcoroth
2
320
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
508
140k
Neural Spatial Audio Processing for Sound Field Analysis and Control
skoyamalab
0
370
Code Reviewing Like a Champion
maltzj
528
40k
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
460
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.5k
Agile Leadership in an Agile Organization
kimpetersen
PRO
0
190
Art, The Web, and Tiny UX
lynnandtonic
304
22k
Build your cross-platform service in a week with App Engine
jlugia
234
18k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]