Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Marc Seeger
May 20, 2014
Technology
0
15k
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
Tweet
Share
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
170
The DIRAC video codec
rb2k
1
83
Communitygetriebene Android Systemerweiterungen
rb2k
1
54
Alternative infrastructure
rb2k
1
180
NoSQL Lunch and Learn
rb2k
9
8.5k
Lunch and Learn: Cucumber and Capybara
rb2k
7
21k
Other Decks in Technology
See All in Technology
身近なCSVを活用する!AWSのデータ分析基盤アーキテクチャ
koosun
0
3.9k
How We Built a Secure Sandbox Platform for AI
flatt_security
1
110
Building AI Applications with Java, LLMs, and Spring AI
thomasvitale
1
230
大規模プロダクトで実践するAI活用の仕組みづくり
k1tikurisu
5
1.8k
AI時代の戦略的アーキテクチャ 〜Adaptable AI をアーキテクチャで実現する〜 / Enabling Adaptable AI Through Strategic Architecture
bitkey
PRO
15
9.6k
The Complete Android UI Testing Landscape: From Journey to Traditional Approaches
alexzhukovich
1
100
技術広報のOKRで生み出す 開発組織への価値 〜 カンファレンス協賛を通して育む学びの文化 〜 / Creating Value for Development Organisations Through Technical Communications OKRs — Nurturing a Culture of Learning Through Conference Sponsorship —
pauli
5
520
Kubernetesと共にふりかえる! エンタープライズシステムのインフラ設計・テストの進め方大全
daitak
0
440
Redux → Recoil → Zustand → useSyncExternalStore: 状態管理の10年とReact本来の姿
zozotech
PRO
21
9k
.NET 10のEntity Framework Coreの新機能
htkym
0
100
AI駆動開発2025年振り返りとTips集
knr109
1
100
[CV勉強会@関東 ICCV2025 読み会] World4Drive: End-to-End Autonomous Driving via Intention-aware Physical Latent World Model (Zheng+, ICCV 2025)
abemii
0
250
Featured
See All Featured
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
132
19k
Automating Front-end Workflow
addyosmani
1371
200k
Code Review Best Practice
trishagee
72
19k
Typedesign – Prime Four
hannesfritz
42
2.9k
jQuery: Nuts, Bolts and Bling
dougneiner
65
8k
Leading Effective Engineering Teams in the AI Era
addyosmani
8
1.1k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
127
54k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.8k
Navigating Team Friction
lara
190
16k
How Fast Is Fast Enough? [PerfNow 2025]
tammyeverts
3
340
Writing Fast Ruby
sferik
630
62k
Keith and Marios Guide to Fast Websites
keithpitt
413
23k
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs
rb2k
koosun
flatt_security
thomasvitale
k1tikurisu
bitkey
alexzhukovich
pauli
daitak
zozotech
htkym
knr109
abemii
morganepeng
addyosmani
trishagee
hannesfritz
dougneiner
aki_iinuma
garrettdimon
lara
tammyeverts
sferik
keithpitt
![Quick risk assessment Lucid: [00:35:27] [email protected]:~# openssl version OpenSSL 0.9.8k](https://files.speakerdeck.com/presentations/9c065900c310013186c31652ff098141/slide_7.jpg){kind=link}
