Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Leoswaldo Macias - Protecting your App in the Cloud

DevOpsDays GDL
February 21, 2020
Technology
0
170

Leoswaldo Macias - Protecting your App in the Cloud

DevOps Days GDL 2020 - February 20th

DevOpsDays GDL

February 21, 2020
Tweet

More Decks by DevOpsDays GDL

See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
290
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
200
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
150
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
150
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
210
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
190
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
220
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
190
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
150

Other Decks in Technology

See All in Technology
スタートアップだからこそ考えるフロントエンドのテスト戦略
yoshinagaiwnl
4
550
最先端の質問応答技術の研究開発と迅速な実用化ーStudio Ousiaでの取り組みー
ikuyamada
2
470
大規模言語モデルで変わるMLシステム開発
hirosatogamo
10
6.2k
開幕LT
makamaka
0
360
How we build Ads Platform in Rust
mapbox_jp
1
210
ワイヤレス電力伝送について
sbtechnight
PRO
0
430
知識拡張型言語モデルLUKE
ikuyamada
1
410
自分のデータは自分で守る - あなたのCI/CDパイプラインをセキュアにする処方箋
jacopen
4
440
「はたらく」前に知るべきIT企業5つのヒミツ 〜プロが教えるプロダクト開発最前線〜 / geeksai_2023spring
visional_engineering_and_design
0
250
テスト技法を使ったテストケースの表現方法/How to express test cases using test techniques
shimashima35
0
260
人生がときめく自宅ネットワークの魔法
tatematsu_san
1
510
Concevoir son API pour le futur
tgalopin
0
230

Featured

See All Featured
A Tale of Four Properties
chriscoyier
149
21k
The MySQL Ecosystem @ GitHub 2015
samlambert
240
11k
Typedesign – Prime Four
hannesfritz
34
1.6k
Scaling GitHub
holman
453
140k
The Power of CSS Pseudo Elements
geoffreycrofte
53
4.4k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
227
16k
The Brand Is Dead. Long Live the Brand.
mthomps
48
3k
Atom: Resistance is Futile
akmur
256
24k
Bash Introduction
62gerente
602
210k
Testing 201, or: Great Expectations
jmmastey
25
5.8k
Practical Orchestrator
shlominoach
178
9k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k

Transcript

  1. Protecting your
    App in the Cloud
    @LeoswaldoMacias

    View Slide

  2. Misconception

    View Slide

  3. Shared Responsibility Model

    View Slide

  4. “If you have access to change it then it is
    yours, if not, then it’s theirs”

    View Slide

  5. Incident Prevention
    A process to set instruments/tools/services to avoid possible threats or
    impacts during an attack
    Incident Response Plan
    What to do when once we are impacted

    View Slide

  6. Compliance Updates
    Maintain your instances up to date (OS, Libraries)
    Network
    Does this need to be public accessible?
    What ports should I let in?
    What traffic should go out?
    Encryption
    At rest
    In transit
    Secret Management
    Keep your secret data secret

    View Slide

  7. Network: Content Delivery Network
    CDN
    Content Delivery Network
    Your App
    WAF

    View Slide

  8. Network: Web Application Firewalls
    Firewall Layer 3 and 4
    WAF Contains Layer 7 attacks by inspecting for:
    ● SQL Injections
    ● XSS
    ● Origin Geographically requests
    ● String appearances
    ● … and more

    View Slide

  9. At least you know
    How soon or late?
    What are the actions
    taken?

    View Slide

  10. Incident Response Plan
    ● Preparation
    ● Detection
    ● Containment
    ● Investigation
    ● Recovery
    ● Lesson Learn

    View Slide

  11. Preparation
    Log everything you can (this will
    also help for auditing)
    ● Application Logs
    ● Server Logs
    ● Network Logs (Traces)
    ● Access Logs and more
    Design the infrastructure to
    prevent single point of failure

    View Slide

  12. Detection
    Monitoring and Alerting
    ● Behaviour rules like traffic spikes, CPU
    and Memory consumption
    ● Traffic from countries not served
    ● Sign in failures
    Page System :(

    View Slide

  13. Containment
    Use automated processes to isolate any
    further impact like:
    ● Creating Network rules
    Make sure the impacted surface does
    not grow

    View Slide

  14. Investigation
    ● Analyze logs and timelines
    ● Check which alarming systems triggered
    ● Check Dashboards

    View Slide

  15. Recovery
    Get your environment to
    normal state

    View Slide

  16. Lessons Learned
    Make sure all missings are documented and ARs are assigned
    and tracked

    View Slide

  17. Take Away #1
    All applications are subject to exploits

    View Slide

  18. Take Away #2
    I’d rather invest more money on security checks, tools,
    automation, than risking customer/company data

    View Slide

  19. Take Away #3
    Security is a shared responsibility to be carried among
    all company employees, not only the Security crew

    View Slide

  20. Thanks!
    @LeoswaldoMacias
    [email protected]

    View Slide