Heartbleed at Acquia
Marc Seeger
May 20, 2014
Technology
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started (screenshots at 7:24 PM, 7:26 PM, 7:30 PM, 7:33 PM)
Quick risk assessment
Lucid: [00:35:27] [email protected]:~# openssl version
OpenSSL 0.9.8k 25 Mar 2009
Precise: [00:34:37] [email protected]:~# openssl version
OpenSSL 1.0.1 14 Mar 2012
Where's Waldo OpenSSL
8000 EC2 Machines:
- 99.9% of them puppetized
- Candidates:
  - Balancers
  - SVN Servers
  - Appliances
  - ELBs
  - 3rd party AMIs
  - Unique little snowflakes (Jira, Crucible, …)
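The two slides above boil down to one question per host: what does `openssl version` say, and does that version fall in the Heartbleed range? As an added example (not from the talk), the POSIX shell helper below classifies a banner against the affected range and summarises a pre-collected "host banner" inventory; the hostnames and banners in it are constructed. The banner is only a hint: Ubuntu and Debian backport the fix without changing the upstream version string, so on those hosts the package version (dpkg) settles the answer, not the banner.

```shell
#!/bin/sh
# Added example, not from the talk: triage `openssl version` banners for Heartbleed.
# Upstream facts: OpenSSL 1.0.1 through 1.0.1f (and 1.0.2-beta1) are affected;
# 1.0.1g (released 7 Apr 2014) and later are fixed; 0.9.8 and 1.0.0 never carried
# the TLS heartbeat code. Distro backports can keep an old banner on a fixed host,
# so treat "affected-upstream" as "go check the package version", not as proof.

heartbleed_hint() {
    # $1: full banner, e.g. "OpenSSL 1.0.1 14 Mar 2012"; prints one classification word.
    _v=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }')
    case "$_v" in
        '')                            echo unknown ;;
        1.0.1 | 1.0.1-* | 1.0.1[a-f]*) echo affected-upstream ;;  # 1.0.1 .. 1.0.1f(-fips)
        1.0.2-beta1*)                  echo affected-upstream ;;  # fixed in 1.0.2-beta2
        1.0.1[g-z]*)                   echo fixed-upstream ;;     # 1.0.1g and later
        0.9.* | 1.0.0*)                echo not-affected ;;       # no heartbeat extension
        1.0.2* | 1.1.* | 3.*)          echo fixed-upstream ;;     # released after the fix
        *)                             echo unknown ;;            # LibreSSL, odd builds, ...
    esac
}

# Summarise a pre-collected inventory of "<host> <banner>" lines, one per host
# (gathered e.g. with `ssh "$host" openssl version` or exported as a Puppet fact).
# Prints "<host> <classification>" per line; pipe through grep -c to count.
summarise_inventory() {
    while IFS= read -r _line; do
        [ -n "$_line" ] || continue
        _host=${_line%% *}
        _banner=${_line#* }
        printf '%s %s\n' "$_host" "$(heartbleed_hint "$_banner")"
    done
}

# Constructed demo inventory (hostnames are placeholders): run with --demo.
if [ "${1-}" = "--demo" ]; then
    printf '%s\n' \
        'web01 OpenSSL 1.0.1 14 Mar 2012' \
        'svn01 OpenSSL 0.9.8k 25 Mar 2009' \
        'lb01 OpenSSL 1.0.1g 7 Apr 2014' | summarise_inventory
fi
```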
Let the patching begin
Rollout Australia:
Con:
- Spiders
- Snakes
Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal
• Pre-determined chat rooms
• Dial-in conference bridges
• A communication plan
Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter (powered by StatusPage.io)
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs