Security / AuditabilityをSREチームの成果指標に加えた話

Transcript

1. None

2. Security / AuditabilityΛ SREνʔϜͷ੒ՌࢦඪʹՃ͑ͨ࿩ Takuya Onda SRE Lounge #12 !2

3. Security / AuditabilityΛ SREνʔϜͷ੒ՌࢦඪʹՃ͑ͨ࿩ Takuya Onda SRE Lounge #12 !3

4. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

   Agenda • ొஃऀɾձࣾ঺հ • Կ͕՝୊͔ͩͬͨɿηΩϡϦςΟରԠঢ়گ΁ͷةػײ • ԿΛ࢝Ί͔ͨɿSecurityνʔϜͷ্ཱͪ͛ • Կ͕ى͖͔ͨɿ͍͍ײ͡ʹ෺ࣄ͕ಈ͖࢝ΊͨҰํɺ͋Βͨͳ՝୊͕ൃੜ • ԿΛ΍͔ͬͨɿ3ຊͷࢦ਑ͱ۩ମྫ঺հ • ·ͱΊ !4

5. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

   ొஃऀ঺հ • ໊લɿԸా୓໵ • ॴଐɿגࣜձࣾΤ΢ϨΧ • ࢓ࣄɿSRE෦໳ɺSecurity෦໳ɺ৘γε෦໳ͷ ౷ׅɻ·ͨɺ಺෦౷੍΍ϓϥΠόγʔରԠɺ ֤छ঎ඪରԠͳͲ΋୲౰ͯ͠·͢ • ˎ ຊ೔ࣗ୐͔ΒͷొஃͷͨΊɺ່ͷઈڣԻ్͕தަ͡Δ͔΋ ͠Ε·ͤΜ͕ɺ͝༰͍͚ࣻͨͩΕ͹ͱࢥ͍·͢ mm !5

6. ձࣾ֓ཁ ձ໊ࣾ ɹ גࣜձࣾΤ΢ϨΧ / eureka, Inc. ૑ۀ ɹ 2008೥11݄20೔

   ܦӦਞ ɹ CEO ੴڮ
   ४໵ ɹ CMO தଜ
   ༟Ұ ɹ CTO ۚࢠ
   ৻ଠ࿠ ɹ VP of Finance Andrew Badham ɹ VP of Product, Pairs ۚా
   ༔ر ɹ Brand Director ੢ࢁ
   ֆເ ɹ Data Director Ԟଜ
   ७ ɹ Customer Care Director ҆৴
   ཽഅ ɹ Information Director Ըా
   ୓໵ ࣄۀ಺༰ ɹ
   ࣗࣾαʔϏεͷاըɾ։ൃɾӡӦ
   ɹ
   
   ɾ࿀Ѫɾࠗ׆ϚονϯάΞϓϦʮPairsʯ
   ɹ
   
   ɾΦϯϥΠϯ݁ࠗ૬ஊॴʮPairsΤϯήʔδʯ
   ɹ
   
   ɾΧοϓϧઐ༻ΞϓϦʮCouplesʯ
   

7. ਓੜʹʮ͋ͬͯΑ͔ͬͨʯͱ
   ࢥͬͯ΋Β͑Δ΋ͷΛɻ ࢲͨͪ͸ɺੈքͷࠃʑͰɺ਺ԯͷਓʑ͕࢖͏ϓϩμΫτΛ
   ੜΈग़͍ͯ͜͠͏ͱ͍ͯ͠·͢ɻ
   ͦΕ͸ɺҰ࣌తͳָ͠Έ΍ศརΛఏڙ͢Δ΋ͷͰ͸ͳ͘ɺ
   ਓੜΛৼΓฦͬͨ࣌ʹʮ͋ͷͱ͖ɺ͋ͷαʔϏε͕͋ͬͯΑ͔ͬͨʯͱɺ
   ࢥͬͯ΋Β͑Δ΋ͷͰ͋Γ͍ͨɻ
   ग़ձ͑ͳ͔ͬͨਓͲ͏͕͠ग़ձ͑ͨΓɺ
   ͻͱΓͻͱΓͷબ୒ࢶ͕΋ͬͱ޿͕ͬͨΓɻ
   ࢲͨͪͷαʔϏεͰɺ୭͔ͷਓੜΛΑΓΑ͍΋ͷʹ͢Δ͜ͱ͕ɺ
   

   Τ΢ϨΧͷ࢖໋Ͱ͢ɻ

8. ͔͚͕͑ͷͳ͍ਓͱͷग़ձ͍ΛੜΈग़͠ɺ
   ೔ຊɺΞδΞʹσʔςΟϯάαʔϏεจԽΛఆணͤ͞Δɻ To help people find their life partner and

   make dating services a social norm in Japan and Asia. Vision
9. None

10. 1,000 ྦྷܭձһ਺ ಥഁ ສ
    ਓ

11. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ొ࿥ ͕͢͞ ϓϩϑΟʔϧ ͍͍Ͷʂ Ϛονϯά ϝοηʔδ ࣮ࡍʹग़ձ͏ αʔϏε֓ཁ ຊਓ֬ೝ ಠ਎֬ೝ
12. None

13. ʮ͙͢ʹͰ΋͍݁ࠗͨ͠ʯͱࢥ͍ͬͯͯ΋ɺ೔ʑͷੜ׆Ͱ͸ ݁ࠗ૬खʹ૬Ԡ͍͠ͱࢥ͑Δ૬खͱग़ձ͏lػձz΋lखஈz΋ ͳ͍ਓ޲͚ɻ ॆ࣮ͳαϙʔτମ੍ͱɺετϨεͷͳ͍खܰͳࠗ׆ମݧΛ ఏڙ͢Δɺ݁ࠗ΁ͷر๬౓͕ߴ͍ਓ͚͕ͩೖձͰ͖ΔαʔϏ εɻ λʔήοτ αʔϏε಺༰ ϖΞʔζ͕ͭͬͨ͘
    ΦϯϥΠϯ݁ࠗ૬ஊॴ

14. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    Agenda • ొஃऀɾձࣾ঺հ • Կ͕՝୊͔ͩͬͨɿηΩϡϦςΟରԠঢ়گ΁ͷةػײ • ԿΛ࢝Ί͔ͨɿSecurityνʔϜͷ্ཱͪ͛ • Կ͕ى͖͔ͨɿ͍͍ײ͡ʹ෺ࣄ͕ಈ͖࢝ΊͨҰํɺ͋Βͨͳ՝୊͕ൃੜ • ԿΛ΍͔ͬͨɿ3ຊͷࢦ਑ͱ۩ମྫ঺հ • ·ͱΊ !14

15. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    എܠɿձࣾͱࣄۀΛͱΓ·͘มԽ • ϚονϯάΞϓϦͷϦʔσΟϯάΧϯύχʔͱͯ͠ͷࣾձత੹೚ • ࣄۀͷ҆৺ɾ҆શ΁ͷχʔζ • ֦େ͢Δ૊৫ɾαʔϏεن໛ɾγεςϜ !15

16. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ηΩϡϦςΟରࡦ ΋ͬͱγϡοͱ͍ͨ͠ʂ !16

17. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ηΩϡϦςΟରࡦͷ՝୊ (౰࣌) • ਪਐྗ͕ෆ଍͍ͯͨ͠ • ੹೚ॴࡏ͕ᐆດɻ͔ͭɺݗҾ໾͕͍ͳ͍ɻ • CTO΍։ൃνʔϜɺSREνʔϜ΍MISνʔϜ͕ͦΕͱͳ͘ਪਐ͍ͯͨ͠ ɻ • ہॴతͳηΩϡϦςΟରࡦʹͳΓ͕ͪ • ๷ޚͱݕ஌ʹ໨ઢ͕޲͖͕ͪ • ඇٕज़෼໺ͷηΩϡϦςΟରԠͷ஗Ε !17

18. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    Agenda • ొஃऀɾձࣾ঺հ • Կ͕՝୊͔ͩͬͨɿηΩϡϦςΟରԠঢ়گ΁ͷةػײ • ԿΛ࢝Ί͔ͨɿSecurityνʔϜͷ্ཱͪ͛ • Կ͕ى͖͔ͨɿ͍͍ײ͡ʹ෺ࣄ͕ಈ͖࢝ΊͨҰํɺ͋Βͨͳ՝୊͕ൃੜ • ԿΛ΍͔ͬͨɿ3ຊͷࢦ਑ͱ۩ମྫ঺հ • ·ͱΊ !18

19. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ηΩϡϦςΟνʔϜ͕ൃ଍ • ηΩϡϦςΟྖҬͷΞΧ΢ϯλϏϦςΟΛू໿ • ঢ়گͷಁ໌ԽͱϨϙʔςΟϯά • ϩʔυϚοϓͷࡦఆ • ༧ࢉͱਓࣄܭը • ඇٕज़ྖҬ΋ؚΊͨแׅతͳηΩϡϦςΟରࡦͷਪਐ • IRମ੍ͷϒϥογϡΞοϓɺܦӦਞΛר͖ࠐΜͩΠϯγσϯτDrillͷ࣮ࢪ • શैۀһ޲͚ηΩϡϦςΟτϨʔχϯάͷ࣮ࢪɺηΩϡΞίʔσΟϯάτϨʔχϯάͷܭը • Πϕϯτͷू໿ͱ੬ऑੑͷτϦΞʔδ • ʮPCͳ͘͠·ͨ͠ʂʯɺʮมͳϝʔϧདྷͨΜͰ͚͢Ͳʂʯʮxxͱ͍͏πʔϧ͔ΒΞϥʔτདྷͨͧʯ • ʮ͜ͷπʔϧ࢖ͬͯେৎ෉ʁʯɺʮ͜Μͳ੬ऑੑ͕ੈͷதʹʂʯ !19

20. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    Agenda • ొஃऀɾձࣾ঺հ • Կ͕՝୊͔ͩͬͨɿηΩϡϦςΟରԠঢ়گ΁ͷةػײ • ԿΛ࢝Ί͔ͨɿSecurityνʔϜͷ্ཱͪ͛ • Կ͕ى͖͔ͨɿ͍͍ײ͡ʹ෺ࣄ͕ಈ͖࢝ΊͨҰํɺ͋Βͨͳ՝୊͕ൃੜ • ԿΛ΍͔ͬͨɿ3ຊͷࢦ਑ͱ۩ମྫ঺հ • ·ͱΊ !20

21. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ہॴతͳτϨʔυΦϑ • શ͕ͯॱௐͳ࣌,ηΩϡϦςΟ͸ݟ͑ͳ͍. ࡟ݮ or ԆظՄೳͳίετͱΈͳͤ͞Δ • ʮͦΕࠓ΍ͬͨํ͕Α͍ʁʯɺʮ੬ऑੑରԠɺ͑ʔɺ͜Εظݶ੾Βͳ͍ͱμϝɺɺʁʯ • ʮxxΛಋೖ͢Δʁ͍͍͚Ͳɺࠓ͜Εಋೖͯ͠΋୭΋ӡ༻Ͱ͖ͳ͘ͳ͍ʁʯ • ߟ͑ํͷ͢Εҧ͍ • ࠷খಛݖͱ৬຿෼ঠ | You built it, you run itͷਫ਼ਆ • Security By Design(ϓϩδΣΫτͷ಄Ͱ࢓༷֓ཁΛ஌Γ͍ͨ) | ࡉ͔͘ૣ࢝͘Ί͍ͨ • ίϛϡχέʔγϣϯίετͷ૿Ճ • Qɿʮ֎෦ʹηΩϡϦςΟ਍அґཔ͢Δ͔Βɺߏ੒ਤ͘Ε΁Μʁʯ,Aɿ(ͦΜͳ΋ͷ͸ͳ͍)ʮɺɺ͸͍༻ҙ͠·͢ʯ • QɿʮxxͬͯϦιʔεԿʹ࢖ͬͯΔͷʁͲΜͳഎܠʁʯ Aɿ(͜ͷ΍ΓͱΓ࠷ۙଟͯ͘͠ΜͲ͍ΜͩΑͳɺɺ) ʮ͑ʔͱͰ͢Ͷɺ͜Ε͸ɺɺʯ !21

22. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    Agenda • ొஃऀɾձࣾ঺հ • Կ͕՝୊͔ͩͬͨɿηΩϡϦςΟχʔζ΁ͷ஗Ε • ԿΛ࢝Ί͔ͨɿSecurityνʔϜͷ্ཱͪ͛ • Կ͕ى͖͔ͨɿ͍͍ײ͡ʹ෺ࣄ͕ಈ͖࢝ΊͨҰํɺ͋Βͨͳ՝୊͕ൃੜ • ԿΛ΍͔ͬͨɿ3ຊͷࢦ਑ͱ۩ମྫ঺հ • ·ͱΊ !22

23. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ސ٬΁ͷՁ஋ఏڙʹूத͍ͨ͠ͷ͸Ұॹ • 3ຊͷࢦ਑Λݩʹɺຎࡲͷղফ΁ 1.໨ඪઃܭ & ໨ඪͷڞ༗ 2.҆શͳબ୒ΛσϑΥϧτʹ 3.ίϛϡχέʔγϣϯͷૄ݁߹ԽͱϧʔςΟϯԽ !23

24. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ໨ඪઃܭ & ໨ඪͷڞ༗ • ηΩϡϦςΟϦεΫ(Πϕϯτ)ରԠঢ়گΛνʔϜؒڞ௨ͷ੒Ռࢦඪʹ • SLI = ໨ඪऩଋ೔਺Ҏ಺ʹରԠ׬ྃͨ͠Ҋ݅਺/ શΠϕϯτ x 100 • SLO = xx% !24

25. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ηΩϡϦςΟϦεΫɾΠϕϯτιʔε(Ұ෦) !25 SRE Team MIS Team Developer Team GuardDuty ◦ ECR Scanning ◦ AWS Inspector ◦ CrowdStrike ◦ Cisco Meraki ◦ Static Analysis ◦

26. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ηΩϡϦςΟϦεΫɾධՁํ๏ !26 ఆٛ (Ұ෦) CVSS Base Score ରԠ໨ඪ Broker ݖݶͷͳ͍౰ࣄऀ͕10Λ௒͑ΔϢʔβʔͷೝূτʔΫϯ/ࢿ֨৘ใ/ΫοΩʔ/ύε ϫʔυɺϝοηʔδɺੜ೥݄೔·ͨ͸ͦͷଞͷPII, ࢧ෷͍Χʔυɺ·ͨ͸ਖ਼֬ͳ GPSҐஔ৘ใΛऔಘͰ͖ΔΑ͏ʹ͢Δ੬ऑੑɻ 9 - 10 xx೔Ҏ಺ Critical 7 - 8.9 ʓʓ೔Ҏ಺ Major 4.0 - 6.9 ˚˚೔Ҏ಺ Minor 0.1 - 3.9 □□೔Ҏ಺
 (ϦεΫอ༗൑அՄ) Trivial - ˑˑ೔Ҏ಺
 (ϦεΫอ༗൑அՄ)

27. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ҆શͳબ୒ΛσϑΥϧτʹ • ಁաతͳػೳΛఏڙ͢ΔࣄͰෛ୲Λ͔͚Δࣄͳ͘ਖ਼͍͠ࣄΛͳ͢ • ಛఆɿΞηοτϚωδϝϯτͷίετΛԼ͛Δ • λάʹΑΔετϨʔδɾϦιʔεͷࣗݾఆٛత෼ྨ • AWS System Manger Inventory • ๷ޚɿߏ੒ඪ४ԽͰ༧๷త౷੍ͷෛՙΛԼ͛Δ • IAM Account෼཭ / IAM User࡞੒ෆՄ • 3Tier Architecture x WAF x Shield AdvanceʹΑΔอޢ • EC2 x ASG | FargageʹΑΔγεςϜͷRotate, • ݕ஌ɿࣄ࣮ೝࣝͷίετΛԼ͛Δ • AuditΞΧ΢ϯτͰAWS Config | GuardDuty | CloudTrail ͷAggregation • ࣄ࣮ೝࣝλΠϛϯάΛνʔϜϧʔςΟϯʹ૊ΈࠐΉ !27

28. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ΞηοτϚωδϝϯτͷίετΛԼ͛Δ !28 • ϦιʔεͷSensitivityΛλάͰఆٛ.System Manager΍GASͳͲͰλά छผΛݩʹऩू (ˎ λά͓Αͼίʔυ͸͢΂ͯٙࣅίʔυͰ͢)

29. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ߏ੒ඪ४ԽͰ༧๷త౷੍ͷෛՙΛԼ͛Δ !29 • 3Tier Architecture x WAF x Shield AdvanceʹΑΔอޢ (ˎٙࣅίʔυ)

30. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ߏ੒ඪ४ԽͰ༧๷త౷੍ͷෛՙΛԼ͛Δ !30 • IdPܦ༝ͰͷSSOͷΈڐՄ & IAM Userͷ࡞੒๷ࢭΛ࢓૊ΈԽ͢Δ (ˎٙ ࣅίʔυ) ΤϯδχΞ৬੹ผ
 Roleઃܭ

31. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ߏ੒ඪ४ԽͰ༧๷త౷੍ͷෛՙΛԼ͛Δ !31 • EC2 on ASG | Fargate x Resource Rotation ࢀߟɿηΩϡϦςΟύονΛࢧ͑Δ αʔόՈசԽٕज़ͷ঺հ https://speakerdeck.com/takuya542/sekiyuriteipatutiwozhi-eru-sabajia-chu-hua-ji-shu-falseshao-jie

32. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ίϛϡχέʔγϣϯͷૄ݁߹ԽͱϧʔςΟϯԽ • ඞཁͳ৘ใΛඞཁͳਓ͕ࣗ෼ͰऔΓ΍͍͢ঢ়ଶʹ • ൃݟత౷੍ͷࣄ࣮ೝࣝͷίετΛԼ͛Δ • ࠩ͠ࠐ·ΕΔͷͰ͸ͳ͘ɺఆظతʹঢ়ଶΛ֬ೝ͢Δ !32

33. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    SecurityΞΧ΢ϯτʹ৘ใΛू໿͢Δ !33 • AWS Config Rules | GuardDuty | CloudTrail Log & ViewerΛू໿ Guard Duty x Multi Accountମ੍
 (ˎ ٙࣅίʔυ)

34. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ൃݟద౰ੑɾࣄ࣮ೝࣝΛϧʔςΟϯԽ • ηΩϡϦςΟΞϥʔτΛड͚ͬͺͳ͠ʹ͠ͳ͍ɻೳಈతʹ֬ೝ͢Δ࣌ؒ Λ֬อ͢Δ !34

35. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ൃݟద౰ੑɾࣄ࣮ೝࣝΛϧʔςΟϯԽ • ηΩϡϦςΟΞϥʔτΛड͚ͬͺͳ͠ʹ͠ͳ͍ɻೳಈతʹ֬ೝ͢Δ࣌ؒ Λ֬อ͢Δ !35

36. CONFIDENTIAL INFORMATION: Not for Public Distribution - Do Not Copy

    ૯ׅ • ݟ͚ͭͨڴҖͷରԠ͕ڴҖϞσϧʹج͖ͮɺద੾ʹߦΘΕͯΔঢ়ଶΛҡ ࣋͠ͳ͕ΒɺڴҖݕ஌ͷ෯Λ޿͛ͯ͘ͷ͕ॏཁ (SREຊͷSLOઃܭͷ νϟϓλʔʹ௨͡Δͱ͜Ζ͕ଟ෼ʹ͋Δͱ͍͏ॴײ) • ༧๷త౷੍ͱൃݟత౷੍͸ͲͪΒʹภͬͯ΋͍͚ͳ͍ɻ·ͨɺ૒ํͷ౷ ੍ίετΛৗʹԼ͛ΔΑ͏ʹϓϩδΣΫτΛϩʔυϚοϓʹ૊ΈࠐΉ • ϓϩηε΍ϙϦγʔͰ͸ͳ͘࢓૊ΈͰकΔɻϓϩηεͰकΔՕॴ͸ɺί ϛϡχέʔγϣϯ͕ۃྗൃੜ͠ͳ͍Α͏ʹ͢Δ or ϦζϜΛ࡞Γ΍͍͢ ۀ຿ઃܭϓϩηεΛෑ͘ !36

37. Τ΢ϨΧͰ͸ΤϯδχΞΛੵۃ࠾༻தʂ
    ΧδϡΞϧ໘ஊ΋͓଴͍ͪͯ͠·͢ʂ We’re hiring