Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
0
350
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
540
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
370
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
250
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
250
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
320
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
310
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
350
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
360
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
260
Other Decks in Technology
See All in Technology
「全員プロダクトマネージャー」を実現する、Cursorによる仕様検討の自動運転
applism118
22
12k
企業の生成AIガバナンスにおけるエージェントとセキュリティ
lycorptech_jp
PRO
2
190
開発者を支える Internal Developer Portal のイマとコレカラ / To-day and To-morrow of Internal Developer Portals: Supporting Developers
aoto
PRO
1
480
「その開発、認知負荷高すぎませんか?」Platform Engineeringで始める開発者体験カイゼン術
sansantech
PRO
2
510
Terraformで構築する セルフサービス型データプラットフォーム / terraform-self-service-data-platform
pei0804
1
190
S3アクセス制御の設計ポイント
tommy0124
3
200
AI時代を生き抜くエンジニアキャリアの築き方 (AI-Native 時代、エンジニアという道は 「最大の挑戦の場」となる) / Building an Engineering Career to Thrive in the Age of AI (In the AI-Native Era, the Path of Engineering Becomes the Ultimate Arena of Challenge)
jeongjaesoon
0
240
要件定義・デザインフェーズでもAIを活用して、コミュニケーションの密度を高める
kazukihayase
0
120
IoT x エッジAI - リアルタイ ムAI活用のPoCを今すぐ始め る方法 -
niizawat
0
120
ブロックテーマ時代における、テーマの CSS について考える Toro_Unit / 2025.09.13 @ Shinshu WordPress Meetup
torounit
0
130
JTCにおける内製×スクラム開発への挑戦〜内製化率95%達成の舞台裏/JTC's challenge of in-house development with Scrum
aeonpeople
0
260
20250910_障害注入から効率的復旧へ_カオスエンジニアリング_生成AIで考えるAWS障害対応.pdf
sh_fk2
3
270
Featured
See All Featured
The Invisible Side of Design
smashingmag
301
51k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.1k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
131
19k
Bash Introduction
62gerente
615
210k
A Tale of Four Properties
chriscoyier
160
23k
Facilitating Awesome Meetings
lara
55
6.5k
Building Flexible Design Systems
yeseniaperezcruz
329
39k
Git: the NoSQL Database
bkeepers
PRO
431
66k
We Have a Design System, Now What?
morganepeng
53
7.8k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
580
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]