Heartbleed at Acquia
Marc Seeger
May 20, 2014
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment
Lucid: [00:35:27] [email protected]:~# openssl version
OpenSSL 0.9.8k 25 Mar 2009
Precise: [00:34:37] [email protected]:~# openssl version
OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL
8000 EC2 Machines:
- 99.9% of them puppetized
- Candidates:
  - Balancers
  - SVN Servers
  - Appliances
  - ELBs
  - 3rd party AMIs
  - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout
Australia:
Con:
- Spiders
- Snakes
Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal
• Pre-determined chat rooms
• Dial-in conference bridges
• A communication plan
Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs