Share
Embed
Slide 1
Slide 1 text
Waroomͷ։ൃϞνϕʔγϣϯͱ
ࠓޙͷϩʔυϚοϓ
@nari_ex
1
Slide 2
Slide 2 text
2
Slide 3
Slide 3 text
3
Slide 4
Slide 4 text
ຊൃදͰ͍͑ͨ͜ͱ
• ͳͥWaroomΛ͡Ίͨͷ͔
• ͳʹΛࢦͯ͠WaroomΛ։ൃ͍ͯ͠Δͷ͔
• ͲͷΑ͏ͳ͜ͱΛߟ͑ͯࠓޙͷػೳΛੜΈग़ͦ͏ͱ͍ͯ͠Δ͔
※ ػೳͷৄࡉͳઆ໌͠ͳ͍ͷͰɺؾʹͳΔํTopotalͷਓʹ͓
͕͚͍ͩ͘͞ʂ
4
Slide 5
Slide 5 text
ɹ
1. WaroomੜͷܦҢ
2. Ϟνϕʔγϣϯͱϛογϣϯ
3. ݱࡏͷWaroomͷػೳհ
4. ࠓޙͷϩʔυϚοϓ
5
Slide 6
Slide 6 text
ɹ
• 2020/03 ண
• 2021/01 ΫϩʔζυβϦϦʔε
• 2022/11 ΦʔϓϯβϦϦʔε
• 2023/10 ਖ਼ࣜϦϦʔε
• 2024/06 Waroom Meetup։࠵ ←ŘŵŠŠ
6
Slide 7
Slide 7 text
ଟ͘ͷࣄۀΞΠσΟΞ͔ΒબΕͨ
7
Slide 8
Slide 8 text
SREΛ࣠ʹϏδωεΛ͠Α͏ͱܾΊͨཧ༝
8
Slide 9
Slide 9 text
ิ: όϦϡʔϓϩϙδγϣϯ
• Value Proposition
• ސ٬͕ͦͷΛखʹೖΕΔ͜ͱͰސ٬ʹ
ͨΒ͞ΕΔ໌֬Ͱ࣮ূՄೳͳརӹ
• Value PropositionΛੜΈग़͢ͱʁ
• ސ٬ʹͱͬͯຊʹඞཁͳՁΛߟ͑ɺͦ
͔͜ΒࣗࣾͷαʔϏε͕࣋ͭಠࣗͷՁΛ
ݟग़͢͜ͱ
refs: όϦϡʔϓϩϙδγϣϯͱʁ6ͭͷޭ
ྫͱॻ͖ํհ
9
Slide 10
Slide 10 text
৴པੑͷ֊ͱιϑτΣΞ
ιϦϡʔγϣϯ
ΠϯγσϯτϚωδϝϯτͷྖҬɺι
ϑτΣΞʹΑΔ՝ղܾ͕͖͠Ε͍ͯ
ͳ͍
→ ΠϯγσϯτϚωδϝϯτπʔϧͷඞ
ཁੑΛڧ͘ײͨ͡
10
Slide 11
Slide 11 text
ɹ
1. WaroomੜͷܦҢ
2. Ϟνϕʔγϣϯͱϛογϣϯ
3. ݱࡏͷWaroomͷػೳͷ͝հ
4. ࠓޙͷϩʔυϚοϓ
11
Slide 12
Slide 12 text
ΠϯγσϯτରԠ͕ͭΒ͍
• @nari_ex ͱ @rrreeeyyy ϓϥΠϚϦ
Φϯίʔϧ୲ͷܦݧଟ
• @sawa_zen ϑϩϯτΤϯυΤϯδχ
Ξͱͯ͠ΦϯίʔϧΛܦݧ
• ͨ·ʹॆ࣮ײಘΒΕΔͷͷɺϚΠ
φεͷײ͕େΛΊ͍ͯͨ......
12
Slide 13
Slide 13 text
WaroomͷMission
13
Slide 14
Slide 14 text
ʮͭΒ͍ʯΠϯγσϯτରԠΛແ͘͢
14
Slide 15
Slide 15 text
ʮͭΒ͍ʯΛੜΈग़͢3ͭͷ՝
• ྔͷ՝
• ex. ޡใɺޡݕ → Ξϥʔτͷਫ਼͕͍ࠪͨΜ
• ࣭ͷ՝
• ex. ෮چʹ͕͔͔࣌ؒΔɺରԠϛε͕ੜ͡Δɺղܾࡦ͕ෆ໌ྎ
• ࿈ܞͷ՝
• ex. ίϛϡχέʔγϣϯϛεϙςϯώοτʢ୭͔͕ରԠͯ͘͠ΕΔͱظͯ݁͠Ռతʹ
ݟಀ͢ʣ͕ى͖Δ
• ex. ରԠϝϯόʔʹภΓ͕͋ΔʢଐਓԽ͍ͯ͠Δʣ
15
Slide 16
Slide 16 text
3ͭͷ՝ͷΞϓϩʔν
• ྔͷݮ
• ඞཁͳͷ͚ͩ௨͢Δ
• ৗతʹࠜຊରࡦΛߦ͍ɺোΛஈ֊తʹݮΒ͢
• ࣭ͷ্
• ֤ఔΛޮԽɾࣗಈԽ͠ɺਝ͔ͭਖ਼֬ʹ෮چରԠΛߦ͏
• ࿈ܞͷڧԽ
• ͞·͟·ͳϝϯόʔ͕࿈ܞ͠ͳ͕Β৫తʹରԠ͢Δ
16
Slide 17
Slide 17 text
վળͷϑΟʔυόοΫϧʔϓΛͭ͘Δ
17
Slide 18
Slide 18 text
ɹ
1. WaroomੜͷܦҢ
2. Ϟνϕʔγϣϯͱϛογϣϯ
3. Waroomͷػೳͷհ
4. ࠓޙͷϩʔυϚοϓ
18
Slide 19
Slide 19 text
Waroomͷಛ
ීஈ௨ΓSlack্ͰΠϯγσϯτରԠΛߦ͏͜ͱͰ
͞·͟·ͳΞγετΛड͚Δ͜ͱ͕Ͱ͖·͢
19
Slide 20
Slide 20 text
ػೳհ: Πϯγσϯτએݴ࣌
ͷ୯७ͳλεΫͷࣗಈԽ
• Πϯγσϯτએݴ͕ߦΘΕΔͱҎԼͷ
λεΫ͕ࣗಈతʹ࣮ߦ͞Ε·͢
• ઐ༻νϟϯωϧͷ࡞
• νϟϯωϧ໊Πϯγσϯτ֓ཁ
͔Βࣗಈతʹܾఆ
• ରԠϝϯόʔͷট
• Runbookͷεςοϓදࣔ
20
Slide 21
Slide 21 text
ػೳհ: υΩϡϝϯτͷࣗಈ
ੜ
• SlackͰͷΓͱΓΛυΩϡϝϯτʹࣗ
ಈతʹ·ͱΊ·͢
• εςʔτυΩϡϝϯτͷࣗಈੜ
• ϙετϞʔςϜͷࣗಈੜ
21
Slide 22
Slide 22 text
ػೳհ: ରԠޙͷੳͷڧԽ
• ॏಞϥϕϧͳͲͷϝλσʔλ༩
ʹΑΔྨ
• Incident Key MetricsͷࣗಈऩूɾՄࢹ
Խ
• TTR, TTA...
• σϓϩΠͱΠϯγσϯτͷൺͷ
දࣔ
22
Slide 23
Slide 23 text
ɹ
1. WaroomੜͷܦҢ
2. Ϟνϕʔγϣϯͱϛογϣϯ
3. Waroomͷಛͷհ
4. ࠓޙͷϩʔυϚοϓ
23
Slide 24
Slide 24 text
ͬͱಋೖ͘͢͠ɺͬͱָʹ
24
Slide 25
Slide 25 text
ϦϦʔεϑΣʔζͱ։ൃํ
ϦϦʔε ։ൃํ
ணʙΦʔϓϯβϦϦʔε Ұ࿈ͷରԠϑϩʔΛ࣮ࢪͰ͖ΔΑ͏
ʹ͢Δ
Φʔϓϯβʙਖ਼ࣜϦϦʔε ࣄޙରԠͷτΠϧΛղܾ͢Δ
ਖ਼ࣜϦϦʔεҎ߱ ಋೖোนΛऔΓআ͘ +
ResponseϑΣʔζͷ՝Λղܾ͢Δ
25
Slide 26
Slide 26 text
ಋೖোนΛऔΓআ͘
26
Slide 27
Slide 27 text
ಋೖোนΛऔΓআ͘
ඦ໊نͷاۀͷਫ४ʹ߹ΘͤͯɺҎԼͷ2Λߦ͏༧ఆͰ͢ɻ
• ηΩϡϦςΟͷڧԽ
• ΧελϚΠζੑͷ্
27
Slide 28
Slide 28 text
ۙͷϦϦʔε༧ఆ
• ϓϥΠϕʔτΠϯγσϯτػೳ(ࡁ)
• PasskeyରԠ(ࡁ)
• ֤छυΩϡϝϯτʹର͢Δը૾ͷషΓ͚ɾૠೖʢ6݄தʣ
• ֤छςϯϓϨʔτͷΧελϚΠζʢ6݄Ҏ߱ɺॱ࣍ϦϦʔεʣ
• εςʔτυΩϡϝϯτɺϙετϞʔςϜɺSeverityɺϩʔϧ
• ୈࡾऀػؔʹΑΔηΩϡϦςΟೝূͷऔಘʢ6݄தʣ
28
Slide 29
Slide 29 text
தظతʹܭը͍ͯ͠Δػೳ
• SAMLೝূ(SP Initiatedํࣜ)
• Google WorkspaceʹରԠ༧ఆ
• Public API
29
Slide 30
Slide 30 text
ResponseϑΣʔζͷ՝Λղܾ͢Δ
30
Slide 31
Slide 31 text
31
Slide 32
Slide 32 text
Waroom͕ະղܾͷྖҬͱ
• ΠϯγσϯτൃੜʙରԠ։࢝·ͰͷϓϩηεࣗಈԽࡁΈ
• ରԠޙͷৼΓฦΓػೳࠎΈ͕Ͱ͖ͭͭ͋Δ
• ͔͠͠ɺରԠ։࢝ޙ·ͩ·ͩΞγετ͕Ͱ͖͍ͯͳ͍
• → ۩ମతʹͲ͕͜ղܾͰ͖͍ͯͳ͍ͷ͔......?
32
Slide 33
Slide 33 text
ϖϧιφΛ໌֬ʹ͠ɺରԠϑϩʔΛચ͍ग़͢
• Pre-IncidentϑΣʔζɺResponseϑΣʔζɺPost-IncidentϑΣʔ
ζͰͦΕͧΕղ
• ֤εςοϓ͝ͱʹͲͷ͘Β͍ϖΠϯ͕͋Γͦ͏͔Ͳ͏͔Λਪఆ
• ݱࡏͷWaroomͷػೳͰղফͨ͠ॴͱͰ͖͍ͯͳ͍ॴΛಛ
ఆ
→ ResponseϑΣʔζΛ෦తʹհ
33
Slide 34
Slide 34 text
34
Slide 35
Slide 35 text
ResponseϑΣʔζͷػೳΞΠσΟΞ
• ΠϯγσϯτίϚϯμʔͷΞγετ
• ΞΫγϣϯϦετͷఏࣔ
• ఆظΞϥʔϜ
• ෮چ୲ऀ(Responder)ͷΞγετ
• Precheckʢਖ਼ৗੑ֬ೝʣͷࣗಈԽ
• ݪҼɾղܾࡦҊͷϦετΞοϓ
• ྨࣅΠϯγσϯτͷఏҊ
• ίϛϡχέʔγϣϯ୲(Liaison)ͷΞγετ
• ఆܕతͳίϛϡχέʔγϣϯͷޮԽ
• εςʔλεϖʔδ࿈ܞ
35
Slide 36
Slide 36 text
ଞʹ·ͩ·ͩΓ͍ͨ͜ͱͨ͘͞Μ......
• ྔతͳ՝ͷࠜຊతͳΞϓϩʔν
• Incidental Incident ͷΩϟονΞοϓͱϑΟϧλϦϯά
• ΞϥʔτετʔϜʢ௨শ: ʣͷରॲ
• όʔϯϨʔτϕʔεΞϥʔτͱͷ࿈ܞ
• ෮چରԠྗͷڧԽ
• ΠϯγσϯτରԠ܇࿅ͷΈԽ
• ରԠσʔλͷ͞ΒͳΔੵͱ࠶׆༻
• ΠϯγσϯτσʔλϝτϦΫεͷΤΫεϙʔτ
36
Slide 37
Slide 37 text
·ͱΊ
• WaroomͷMissionʮͭΒ͍ʯΠϯγσϯτରԠΛແ͘͢͜ͱ
• ݱঢ়ͷWaroomɺΠϯγσϯτରԠʹඞཁͳػೳ͕ἧ͍ͭͭ
͋ΓɺಛʹPost-IncidentϑΣʔζͷ՝Λվળ͠͡Ί͍ͯ·
͢
• ·ͩ·ͩະணखͷྖҬଟʑ͋ΔͷͰɺࠓޙػೳ࣮Λ͕Μ
͍͖ͬͯ·͢
!
37
Slide 38
Slide 38 text
͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ
38