Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
DevOpsDays GDL
February 21, 2020
Technology
0
380
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
590
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
400
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
300
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
290
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
350
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
360
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
370
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
410
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
290
Other Decks in Technology
See All in Technology
AI時代のオンプレ-クラウドキャリアチェンジ考
yuu0w0yuu
0
200
コンテキスト・ハーネスエンジニアリングの現在
hirosatogamo
PRO
6
710
"作る"から"使われる"へ:Backstage 活用の現在地
sbtechnight
0
240
SLI/SLO 導入で 避けるべきこと3選
yagikota
0
140
Kiro Meetup #7 Kiro アップデート (2025/12/15〜2026/3/20)
katzueno
2
200
GCASアップデート(202601-202603)
techniczna
0
250
「コントロールの三分法」で考える「コト」への向き合い方 / phperkaigi2026
blue_goheimochi
0
130
俺の/私の最強アーキテクチャ決定戦開催 ― チームで新しいアーキテクチャに適合していくために / 20260322 Naoki Takahashi
shift_evolve
PRO
1
380
【Λ(らむだ)】最近のアプデ情報 / RPALT20260318
lambda
0
150
SSoT(Single Source of Truth)で「壊して再生」する設計
kawauso
1
200
【社内勉強会】新年度からコーディングエージェントを使いこなす - 構造と制約で引き出すClaude Codeの実践知
nwiizo
10
6k
Copilot 宇宙へ 〜生成AIで「専門データの壁」を壊す方法〜
nakasho
0
140
Featured
See All Featured
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
21k
The Illustrated Guide to Node.js - THAT Conference 2024
reverentgeek
1
310
Optimizing for Happiness
mojombo
378
71k
What’s in a name? Adding method to the madness
productmarketing
PRO
24
4k
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
2
570
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
508
140k
Building Applications with DynamoDB
mza
96
7k
Un-Boring Meetings
codingconduct
0
230
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
340
Unlocking the hidden potential of vector embeddings in international SEO
frankvandijk
0
210
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
szymonslowik
1
980
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
SiteGround - Reliable hosting with speed, security, and support you can count on.
devopsdaysgdl
yuu0w0yuu
hirosatogamo
sbtechnight
yagikota
katzueno
techniczna
blue_goheimochi
shift_evolve
lambda
kawauso
nwiizo
nakasho
panda_program
reverentgeek
mojombo
productmarketing
tomoyanonymous
chriscoyier
mza
codingconduct
frankvandijk
wjessup
szymonslowik
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}