Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Marc Seeger
May 20, 2014
Technology
16k
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
200
The DIRAC video codec
rb2k
1
98
Communitygetriebene Android Systemerweiterungen
rb2k
1
62
Alternative infrastructure
rb2k
1
190
NoSQL Lunch and Learn
rb2k
9
8.6k
Lunch and Learn: Cucumber and Capybara
rb2k
7
22k
Other Decks in Technology
See All in Technology
しくみを学んで使いこなそう GitHub Copilot app
torumakabe
1
200
Terraform共通モジュールをチーム横断で“変えられる”運用へ ― リリースと適用の分離
kekke_n
1
2.6k
AI駆動開発におけるQAエンジニアの役割事例 〜AI駆動開発の現場から〜
kobayashiyorimitsu
0
480
金融の未来を考える / Thinking About the Future of Finance
ks91
PRO
0
180
Making sense of Google’s agentic dev tools
glaforge
1
150
「早く出す」より「事業に効く」 ── 顧客の業務サイクルから逆算するAI時代の二重ループ開発と「変化の設計者」 / devsumi2026
rakus_dev
0
130
ヘルスケア領域における AI 活用と その安全性担保のための取り組み (Leveraging AI in Healthcare and Our Efforts to Ensure Its Safety) - Google I/O Extended Tokyo 2026, July 11, 2026
zettaittenani
0
260
あなたの『Site』はどこですか? — xREという考え方
miyamu
0
1.2k
プライバシー保護の理論と実践
lycorptech_jp
PRO
1
250
最近評価が難しくなった
maroon8021
0
320
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
15
110k
Genie Ontologyは銀の弾丸かを考える / Is Genie Ontology a Silver Bullet?
nttcom
0
200
Featured
See All Featured
sira's awesome portfolio website redesign presentation
elsirapls
0
300
The Anti-SEO Checklist Checklist. Pubcon Cyber Week
ryanjones
0
180
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
How To Speak Unicorn (iThemes Webinar)
marktimemedia
1
500
Amusing Abliteration
ianozsvald
1
220
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
55k
Building AI with AI
inesmontani
PRO
1
1.1k
The agentic SEO stack - context over prompts
schlessera
0
840
XXLCSS - How to scale CSS and keep your sanity
sugarenia
249
1.3M
Chasing Engaging Ingredients in Design
codingconduct
0
230
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
460
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1.2k
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs