Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Marc Seeger
May 20, 2014
Technology
0
15k
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
Tweet
Share
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
180
The DIRAC video codec
rb2k
1
87
Communitygetriebene Android Systemerweiterungen
rb2k
1
56
Alternative infrastructure
rb2k
1
180
NoSQL Lunch and Learn
rb2k
9
8.6k
Lunch and Learn: Cucumber and Capybara
rb2k
7
22k
Other Decks in Technology
See All in Technology
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.4k
StrandsとNeptuneを使ってナレッジグラフを構築する
yakumo
1
120
ブロックテーマでサイトをリニューアルした話 / 2026-01-31 Kansai WordPress Meetup
torounit
0
470
ランサムウェア対策としてのpnpm導入のススメ
ishikawa_satoru
0
170
Bill One急成長の舞台裏 開発組織が直面した失敗と教訓
sansantech
PRO
2
380
SREチームをどう作り、どう育てるか ― Findy横断SREのマネジメント
rvirus0817
0
300
今日から始める Amazon Bedrock AgentCore
har1101
4
410
学生・新卒・ジュニアから目指すSRE
hiroyaonoe
2
630
小さく始めるBCP ― 多プロダクト環境で始める最初の一歩
kekke_n
1
440
Claude_CodeでSEOを最適化する_AI_Ops_Community_Vol.2__マーケティングx_AIはここまで進化した.pdf
riku_423
2
590
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
0gm
0
2.3k
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
sansantech
PRO
3
2.5k
Featured
See All Featured
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
120
So, you think you're a good person
axbom
PRO
2
1.9k
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
1
440
Noah Learner - AI + Me: how we built a GSC Bulk Export data pipeline
techseoconnect
PRO
0
110
Designing for Performance
lara
610
70k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
590
[SF Ruby Conf 2025] Rails X
palkan
1
760
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
1
1.4k
Design in an AI World
tapps
0
140
The Mindset for Success: Future Career Progression
greggifford
PRO
0
240
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs
rb2k
sansan33
yakumo
torounit
ishikawa_satoru
sansantech
rvirus0817
har1101
hiroyaonoe
kekke_n
riku_423
0gm
malarkey
sabderemane
axbom
inesmontani
techseoconnect
lara
baasie
palkan
wjessup
aleyda
tapps
greggifford
![Quick risk assessment Lucid: [00:35:27] [email protected]:~# openssl version OpenSSL 0.9.8k](https://files.speakerdeck.com/presentations/9c065900c310013186c31652ff098141/slide_7.jpg){kind=link}
