DevOpsDays GDL
February 21, 2020
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
Transcript
Protecting your App in the Cloud
@LeoswaldoMacias

Misconception

Shared Responsibility Model

“If you have access to change it then it is yours, if not, then it’s theirs”

Incident Prevention: A process to set up instruments/tools/services to avoid possible threats or impacts during an attack
Incident Response Plan: What to do once we are impacted

Compliance Updates: Keep your instances up to date (OS, libraries)
Network: Does this need to be publicly accessible? What ports should I let in? What traffic should go out?
Encryption: At rest, in transit
Secret Management: Keep your secret data secret

Network: Content Delivery Network
[Diagram labels: CDN, Content Delivery Network, Your App]

WAF

Network: Web Application Firewalls
Firewall: Layer 3 and 4
WAF: Contains Layer 7 attacks by inspecting for:
• SQL injections
• XSS
• Geographic origin of requests
• String appearances
• … and more

At least you know
How soon or late?
What are the actions taken?

Incident Response Plan
• Preparation
• Detection
• Containment
• Investigation
• Recovery
• Lessons Learned

Preparation
Log everything you can (this will also help with auditing)
• Application Logs
• Server Logs
• Network Logs (Traces)
• Access Logs
and more
Design the infrastructure to prevent a single point of failure

Detection
Monitoring and Alerting
• Behaviour rules like traffic spikes, CPU and memory consumption
• Traffic from countries not served
• Sign-in failures
Page System :(

Containment
Use automated processes to isolate any further impact, like:
• Creating Network rules
Make sure the impacted surface does not grow
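
An added example, not from the talk: the Detection rules above (sign-in failures, traffic from countries not served, traffic spikes) applied to a constructed access log, with the Containment step turning per-source alerts into deny entries. The log layout, thresholds, served-country list and the generic rule format are assumptions.

```python
import statistics
from collections import Counter

# Assumptions, not from the talk: served countries, thresholds, log layout.
SERVED_COUNTRIES = {"MX", "US"}
MAX_SIGNIN_FAILURES = 3   # failed logins per source IP in the window
SPIKE_FACTOR = 3          # alert when a minute exceeds 3x the median minute

# Constructed sample: "<timestamp> <ip> <country> <method> <path> <status>"
SAMPLE_LOG = """\
2020-01-01T10:00:05Z 192.0.2.10 MX GET / 200
2020-01-01T10:01:30Z 192.0.2.11 US GET /products 200
2020-01-01T10:02:01Z 198.51.100.7 MX POST /login 401
2020-01-01T10:02:02Z 198.51.100.7 MX POST /login 401
2020-01-01T10:02:03Z 198.51.100.7 MX POST /login 401
2020-01-01T10:02:05Z 203.0.113.9 ZZ GET /admin 403
2020-01-01T10:02:07Z 192.0.2.11 US GET / 200
2020-01-01T10:03:10Z 192.0.2.10 MX GET / 200
"""

def parse(line):
    ts, ip, country, _method, path, status = line.split()
    return {"minute": ts[:16], "ip": ip, "country": country,
            "path": path, "status": int(status)}

def detect(log_text):
    """Return (rule, subject, detail) alerts for the three Detection rules."""
    events = [parse(l) for l in log_text.splitlines() if l.strip()]
    failures = Counter(e["ip"] for e in events
                       if e["path"] == "/login" and e["status"] == 401)
    alerts = [("signin_failures", ip, n) for ip, n in sorted(failures.items())
              if n >= MAX_SIGNIN_FAILURES]
    unserved = {e["ip"]: e["country"] for e in events
                if e["country"] not in SERVED_COUNTRIES}
    alerts += [("unserved_country", ip, c) for ip, c in sorted(unserved.items())]
    per_minute = Counter(e["minute"] for e in events)
    baseline = statistics.median(per_minute.values()) if per_minute else 0
    alerts += [("traffic_spike", m, n) for m, n in sorted(per_minute.items())
               if n > SPIKE_FACTOR * baseline]
    return alerts

def containment_rules(alerts):
    """Turn per-IP alerts into deny entries (generic format, not a vendor API)."""
    ips = {subject for rule, subject, _ in alerts if rule != "traffic_spike"}
    return [{"action": "deny", "source": f"{ip}/32"} for ip in sorted(ips)]

if __name__ == "__main__":
    found = detect(SAMPLE_LOG)
    print(*found, *containment_rules(found), sep="\n")
```

A traffic spike raises an alert but produces no deny entry, since it has no single source to isolate.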

Investigation
• Analyze logs and timelines
• Check which alerting systems triggered
• Check dashboards

Recovery
Get your environment back to a normal state

Lessons Learned
Make sure all gaps are documented and ARs are assigned and tracked

Take Away #1
All applications are subject to exploits

Take Away #2
I’d rather invest more money in security checks, tools, automation, than risk customer/company data

Take Away #3
Security is a shared responsibility to be carried among all company employees, not only the Security crew

Thanks! @LeoswaldoMacias