Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is yours, if not, then it’s theirs”
Incident Prevention: A process to set instruments/tools/services to avoid possible threats or impacts during an attack
Incident Response Plan: What to do once we are impacted
• Compliance
• Updates: Keep your instances up to date (OS, libraries)
• Network: Does this need to be publicly accessible? What ports should I let in? What traffic should go out?
• Encryption: At rest, in transit
• Secret Management: Keep your secret data secret
Network: Content Delivery Network
[Diagram labels: CDN (Content Delivery Network), Your App, WAF]
Network: Web Application Firewalls
Firewall: Layer 3 and 4
WAF: Contains Layer 7 attacks by inspecting for:
• SQL injections
• XSS
• Geographic origin of requests
• String appearances
• … and more
At least you know
How soon or late? What are the actions taken?
Incident Response Plan
• Preparation
• Detection
• Containment
• Investigation
• Recovery
• Lessons Learned
Preparation
Log everything you can (this will also help for auditing)
• Application Logs
• Server Logs
• Network Logs (Traces)
• Access Logs and more
Design the infrastructure to prevent a single point of failure
Detection
Monitoring and Alerting
• Behaviour rules like traffic spikes, CPU and Memory consumption
• Traffic from countries not served
• Sign in failures
Page System :(
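
Three of the Detection rules above (traffic spikes, traffic from countries not served, sign-in failures) run over a window of access-log events, as an added example that is not part of the original deck. The event layout, thresholds, served-country list and sample data are all assumptions constructed for illustration.

```python
from collections import Counter

SERVED_COUNTRIES = {"MX", "US"}  # assumption: markets the app serves
MAX_SIGNIN_FAILURES = 3          # assumption: allowed failures per IP per window
SPIKE_FACTOR = 3                 # assumption: multiple of baseline requests/minute

# Constructed sample events: (minute, source IP, country, path, HTTP status)
EVENTS = [
    (0, "198.51.100.7", "MX", "/", 200),
    (0, "198.51.100.8", "US", "/login", 200),
    (1, "203.0.113.5", "MX", "/login", 401),
    (1, "203.0.113.5", "MX", "/login", 401),
    (1, "203.0.113.5", "MX", "/login", 401),
    (1, "203.0.113.5", "MX", "/login", 401),
    (1, "192.0.2.44", "ZZ", "/admin", 403),
    (2, "198.51.100.7", "MX", "/", 200),
] + [(3, "198.51.100.9", "US", "/", 200)] * 12


def detect(events, baseline_per_minute):
    """Return a sorted list of (rule, subject) alerts for one log window."""
    alerts = set()
    per_minute = Counter()  # requests seen in each minute
    failures = Counter()    # failed sign-ins per source IP
    for minute, ip, country, path, status in events:
        per_minute[minute] += 1
        if country not in SERVED_COUNTRIES:
            alerts.add(("unserved_country", ip))
        if path == "/login" and status == 401:
            failures[ip] += 1
    for ip, count in failures.items():
        if count > MAX_SIGNIN_FAILURES:
            alerts.add(("signin_failures", ip))
    for minute, count in per_minute.items():
        if count > SPIKE_FACTOR * baseline_per_minute:
            alerts.add(("traffic_spike", f"minute {minute}"))
    return sorted(alerts)


if __name__ == "__main__":
    for rule, subject in detect(EVENTS, baseline_per_minute=3):
        print(f"ALERT {rule}: {subject}")
```

Each alert names the rule and the source IP or minute that triggered it, which is what a paging system or an automated network rule would act on.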
Containment
Use automated processes to isolate any further impact like:
• Creating Network rules
Make sure the impacted surface does not grow
Investigation
• Analyze logs and timelines
• Check which alarm systems triggered
• Check Dashboards
Recovery: Get your environment back to a normal state
Lessons Learned: Make sure all misses are documented and ARs are assigned and tracked
Take Away #1: All applications are subject to exploits
Take Away #2: I’d rather invest more money on security checks, tools, automation, than risking customer/company data
Take Away #3: Security is a shared responsibility to be carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias