DevOpsDays GDL
February 21, 2020
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is yours, if not, then it’s theirs”
Incident Prevention: a process to set up instruments/tools/services to avoid possible threats or impacts during an attack
Incident Response Plan: what to do once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network
• Does this need to be publicly accessible?
• What ports should I let in?
• What traffic should go out?
Encryption
• At rest
• In transit
Secret Management
• Keep your secret data secret
Network: Content Delivery Network
[Diagram labels: CDN (Content Delivery Network), Your App]
WAF
Network: Web Application Firewalls
Firewall: Layer 3 and 4
WAF: contains Layer 7 attacks by inspecting for:
• SQL injections
• XSS
• Geographic origin of requests
• String appearances
• … and more
At least you know
How soon or late? What are the actions taken?
Incident Response Plan
• Preparation
• Detection
• Containment
• Investigation
• Recovery
• Lessons Learned
Preparation
Log everything you can (this will also help for auditing)
• Application Logs
• Server Logs
• Network Logs (Traces)
• Access Logs and more
Design the infrastructure to prevent a single point of failure
Detection
Monitoring and Alerting
• Behaviour rules like traffic spikes, CPU and memory consumption
• Traffic from countries not served
• Sign-in failures
Page System :(
Containment
Use automated processes to isolate any further impact like:
• Creating Network rules
Make sure the impacted surface does not grow
Investigation
• Analyze logs and timelines
• Check which alarm systems triggered
• Check Dashboards
Recovery
Get your environment back to its normal state
Lessons Learned
Make sure all gaps are documented and ARs are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money in security checks, tools, automation, than risk customer/company data
Take Away #3 Security is a shared responsibility to be carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias