Heartbleed at Acquia
Marc Seeger
May 20, 2014
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment
Lucid:
[00:35:27] [email protected]:~# openssl version
OpenSSL 0.9.8k 25 Mar 2009
Precise:
[00:34:37] [email protected]:~# openssl version
OpenSSL 1.0.1 14 Mar 2012
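The risk assessment on this slide, extended to a whole inventory, as an added example that is not part of the original deck: it classifies `openssl version` banners against the upstream Heartbleed range. The function names and hostnames are hypothetical. Distributions backport fixes without changing the banner, so "upstream-affected" means the installed package version still has to be compared with the distribution's advisory.

```shell
#!/bin/sh
# Added example (not from the deck). Upstream OpenSSL ranges for Heartbleed:
# 1.0.1 through 1.0.1f and 1.0.2-beta1 are affected, 1.0.1g carries the fix,
# the 0.9.8 and 1.0.0 branches never contained the heartbeat code.

# $1: one line of `openssl version` output. Prints a verdict.
heartbleed_triage() (
  ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }')
  case "$ver" in
    1.0.1|1.0.1[a-f]|1.0.2-beta1) echo "upstream-affected" ;;
    1.0.1[g-z]*)                  echo "upstream-fixed" ;;
    0.9.*|1.0.0*)                 echo "not-affected" ;;
    1.0.2*|1.1.*|[3-9].*)         echo "not-affected" ;;
    *)                            echo "unknown" ;;  # no banner: inspect by hand
  esac
)

# Reads "host<TAB>banner" lines on stdin, prints "host<TAB>verdict".
triage_inventory() (
  tab=$(printf '\t')
  while IFS="$tab" read -r host banner; do
    [ -n "$host" ] || continue
    printf '%s\t%s\n' "$host" "$(heartbleed_triage "$banner")"
  done
)

# Constructed inventory. Hostnames are hypothetical; the first two banners
# are the Lucid and Precise outputs shown on the slide.
sample_inventory() {
  printf '%s\t%s\n' \
    "lucid-example-01"   "OpenSSL 0.9.8k 25 Mar 2009" \
    "precise-example-01" "OpenSSL 1.0.1 14 Mar 2012" \
    "patched-example-01" "OpenSSL 1.0.1g 7 Apr 2014" \
    "appliance-example"  "connection refused"
}

sample_inventory | triage_inventory
```

Hosts that report "unknown" are the ones the next slide lists as candidates for manual inspection, since they returned no usable banner.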
Where’s Waldo OpenSSL
8000 EC2 Machines:
- 99.9% of them puppetized
- Candidates:
  - Balancers
  - SVN Servers
  - Appliances
  - ELBs
  - 3rd party AMIs
  - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout
Australia:
Con:
- Spiders
- Snakes
Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal
• Pre-determined chat rooms
• Dial-in conference bridges
• A communication plan
Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs