Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
0
360
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
550
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
370
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
250
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
250
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
320
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
320
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
350
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
370
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
260
Other Decks in Technology
See All in Technology
個人でデジタル庁の デザインシステムをVue.jsで 作っている話
nishiharatsubasa
3
5.1k
Zephyr(RTOS)にEdge AIを組み込んでみた話
iotengineer22
1
340
頭部ふわふわ浄酔器
uyupun
0
110
webpack依存からの脱却!快適フロントエンド開発をViteで実現する #vuefes
bengo4com
3
3.3k
プロファイルとAIエージェントによる効率的なデバッグ / Effective debugging with profiler and AI assistant
ymotongpoo
1
100
あなたの知らない Linuxカーネル脆弱性の世界
recruitengineers
PRO
3
150
ゼロコード計装導入後のカスタム計装でさらに可観測性を高めよう
sansantech
PRO
1
400
[2025年10月版] Databricks Data + AI Boot Camp
databricksjapan
1
260
オブザーバビリティが育むシステム理解と好奇心
maruloop
2
1.1k
GraphRAG グラフDBを使ったLLM生成(自作漫画DBを用いた具体例を用いて)
seaturt1e
1
150
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
14
82k
AI-Readyを目指した非構造化データのメダリオンアーキテクチャ
r_miura
1
320
Featured
See All Featured
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
34
2.3k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
508
140k
Code Reviewing Like a Champion
maltzj
526
40k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
190
55k
Why Our Code Smells
bkeepers
PRO
340
57k
How to Ace a Technical Interview
jacobian
280
24k
Writing Fast Ruby
sferik
630
62k
Git: the NoSQL Database
bkeepers
PRO
431
66k
Product Roadmaps are Hard
iamctodd
PRO
55
11k
A designer walks into a library…
pauljervisheath
209
24k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
14k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]