Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
DevOpsDays GDL
February 21, 2020
Technology
0
370
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
560
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
380
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
270
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
270
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
330
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
330
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
360
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
380
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
270
Other Decks in Technology
See All in Technology
21st ACRi Webinar - AMD Presentation Slide (Nao Sumikawa)
nao_sumikawa
0
230
直接メモリアクセス
koba789
0
250
シンプルを極める。アンチパターンなDB設計の本質
facilo_inc
2
1.6k
【pmconf2025】PdMの「責任感」がチームを弱くする?「分業型」から全員がユーザー価値に本気で向き合う「共創型開発チーム」への変遷
toshimasa012345
0
200
Symfony AI in Action
el_stoffel
2
380
GitLab Duo Agent Platformで実現する“AI駆動・継続的サービス開発”と最新情報のアップデート
jeffi7
0
200
Security Diaries of an Open Source IAM
ahus1
0
120
Uncertainty in the LLM era - Science, more than scale
gaelvaroquaux
0
700
pmconf2025 - データを活用し「価値」へ繋げる
glorypulse
0
630
EM歴1年10ヶ月のぼくがぶち当たった苦悩とこれからへ向けて
maaaato
0
130
小さな判断で育つ、大きな意思決定力 / 20251204 Takahiro Kinjo
shift_evolve
PRO
1
490
AWS Bedrock AgentCoreで作る 1on1支援AIエージェント 〜Memory × Evaluationsによる実践開発〜
yusukeshimizu
4
270
Featured
See All Featured
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
9
1k
For a Future-Friendly Web
brad_frost
180
10k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
9.8k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4.1k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
120
20k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
How to train your dragon (web standard)
notwaldorf
97
6.4k
Building an army of robots
kneath
306
46k
Typedesign – Prime Four
hannesfritz
42
2.9k
Visualization
eitanlees
150
16k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
54k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.8k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
nao_sumikawa
koba789
facilo_inc
toshimasa012345
el_stoffel
jeffi7
ahus1
gaelvaroquaux
glorypulse
maaaato
shift_evolve
yusukeshimizu
addyosmani
brad_frost
eileencodes
kastner
panda_program
tanoku
notwaldorf
kneath
hannesfritz
eitanlees
destraynor
mongodb
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}