DevOpsDays GDL
February 21, 2020
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is yours, if not, then it’s theirs”

Incident Prevention: a process to set up instruments/tools/services to avoid possible threats or impacts during an attack
Incident Response Plan: what to do once we are impacted

Compliance
Updates: Keep your instances up to date (OS, libraries)
Network: Does this need to be publicly accessible? What ports should I let in? What traffic should go out?
Encryption: At rest, in transit
Secret Management: Keep your secret data secret

Network: Content Delivery Network
[Diagram labels: CDN (Content Delivery Network), WAF, Your App]

Network: Web Application Firewalls
Firewall: Layer 3 and 4
WAF: Contains Layer 7 attacks by inspecting for:
• SQL injections
• XSS
• Geographic origin of requests
• String appearances
• … and more

At least you know
How soon or late?
What are the actions taken?

Incident Response Plan
• Preparation
• Detection
• Containment
• Investigation
• Recovery
• Lessons Learned

Preparation
Log everything you can (this will also help with auditing)
• Application Logs
• Server Logs
• Network Logs (Traces)
• Access Logs and more
Design the infrastructure to prevent a single point of failure

Detection
Monitoring and Alerting
• Behaviour rules like traffic spikes, CPU and memory consumption
• Traffic from countries not served
• Sign-in failures
Page System :(

Containment
Use automated processes to isolate any further impact like:
• Creating Network rules
Make sure the impacted surface does not grow
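
Added example (not part of the original slides): the three Detection rules above, run over a constructed access log, with the per-source alerts turned into candidate deny rules for the Containment step. The log format, the thresholds, the country list and the rule dictionary shape are assumptions made for this illustration.

```python
import statistics
from collections import Counter
from datetime import datetime

# Constructed sample access log: ISO time, source IP, country, method, path, status.
# Field layout, thresholds and the served-country list are assumptions for this example.
SAMPLE_LOG = """\
2020-02-20T10:00:05 198.51.100.7 MX GET /index.html 200
2020-02-20T10:00:40 198.51.100.8 US GET /index.html 200
2020-02-20T10:01:02 203.0.113.9 MX POST /login 401
2020-02-20T10:01:03 203.0.113.9 MX POST /login 401
2020-02-20T10:01:04 203.0.113.9 MX POST /login 401
2020-02-20T10:01:05 203.0.113.9 MX POST /login 401
2020-02-20T10:01:30 192.0.2.44 ZZ GET /admin 404
2020-02-20T10:02:10 198.51.100.7 MX GET /about 200
"""
SERVED_COUNTRIES = {"MX", "US"}  # countries the app actually serves
MAX_LOGIN_FAILURES = 3           # failed sign-ins tolerated per source IP
SPIKE_FACTOR = 2                 # a minute is a spike above factor * median rate

def parse(log_text):
    for line in log_text.splitlines():
        try:
            ts, ip, country, method, path, status = line.split()
            yield datetime.fromisoformat(ts), ip, country, path, int(status)
        except ValueError:
            continue  # skip malformed lines instead of stopping the monitor

def detect(log_text):
    per_minute, failures, foreign = Counter(), Counter(), set()
    for ts, ip, country, path, status in parse(log_text):
        per_minute[ts.strftime("%Y-%m-%dT%H:%M")] += 1
        if country not in SERVED_COUNTRIES:
            foreign.add(ip)
        if path == "/login" and status == 401:
            failures[ip] += 1
    alerts = [("country_not_served", ip) for ip in sorted(foreign)]
    alerts += [("signin_failures", ip) for ip, n in sorted(failures.items())
               if n > MAX_LOGIN_FAILURES]
    baseline = statistics.median(per_minute.values()) if per_minute else 0
    alerts += [("traffic_spike", minute) for minute, n in sorted(per_minute.items())
               if n > SPIKE_FACTOR * baseline]
    return alerts

def containment_rules(alerts):
    # Only per-source alerts become deny rules; a spike has no single source to block.
    ips = sorted({key for rule, key in alerts if rule != "traffic_spike"})
    return [{"action": "deny", "source": ip + "/32"} for ip in ips]
```

The deny rules are plain dictionaries; translating them into a specific firewall or security-group API is left to the environment in use.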

Investigation
• Analyze logs and timelines
• Check which alarm systems triggered
• Check dashboards

Recovery
Get your environment back to a normal state

Lessons Learned
Make sure all misses are documented and ARs are assigned and tracked

Take Away #1: All applications are subject to exploits
Take Away #2: I’d rather invest more money in security checks, tools, and automation than risk customer/company data
Take Away #3: Security is a shared responsibility to be carried by all company employees, not only the Security crew
Thanks! @LeoswaldoMacias