DevOpsDays GDL
February 21, 2020
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is yours, if not, then it’s theirs”
Incident Prevention: A process to set up instruments/tools/services to avoid possible threats or impacts during an attack
Incident Response Plan: What to do once we are impacted
Compliance Updates
• Keep your instances up to date (OS, Libraries)
Network
• Does this need to be publicly accessible?
• What ports should I let in?
• What traffic should go out?
Encryption
• At rest
• In transit
Secret Management
• Keep your secret data secret
Network: Content Delivery Network [Diagram labels: CDN (Content Delivery Network), Your App]
WAF
Network: Web Application Firewalls
Firewall: Layer 3 and 4
WAF: Contains Layer 7 attacks by inspecting for:
• SQL Injections
• XSS
• Geographic origin of requests
• String appearances
• … and more
At least you know
How soon or late?
What are the actions taken?
Incident Response Plan
• Preparation
• Detection
• Containment
• Investigation
• Recovery
• Lessons Learned
Preparation
Log everything you can (this will also help with auditing)
• Application Logs
• Server Logs
• Network Logs (Traces)
• Access Logs and more
Design the infrastructure to prevent single points of failure
Detection
Monitoring and Alerting
• Behaviour rules like traffic spikes, CPU and Memory consumption
• Traffic from countries not served
• Sign-in failures
Page System :(
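The detection rules on this slide, applied to a small access log, as an added example that is not part of the original deck. The log format, field names, thresholds and list of served countries are assumptions, and the log lines are constructed.

```python
from collections import Counter

# Assumptions for this example (not from the deck):
SERVED_COUNTRIES = {"MX", "US"}  # countries the app serves
MAX_SIGNIN_FAILURES = 3          # failed sign-ins per client before alerting
SPIKE_FACTOR = 3                 # a minute at 3x the median request rate is a spike

# Constructed sample access log: "HH:MM client_ip country path status"
SAMPLE_LOG = """\
10:00 198.51.100.7 MX /login 200
10:00 198.51.100.7 MX /cart 200
10:01 192.0.2.44 US / 200
10:01 203.0.113.9 FR / 200
10:02 192.0.2.80 US /login 401
10:02 192.0.2.80 US /login 401
10:02 192.0.2.80 US /login 401
10:02 192.0.2.80 US /login 401
10:02 198.51.100.7 MX /cart 200
10:02 192.0.2.44 US / 200
10:02 192.0.2.44 US /cart 200
"""

def parse(line):
    minute, ip, country, path, status = line.split()
    return dict(minute=minute, ip=ip, country=country, path=path, status=int(status))

def detect(log_text):
    """Return (rule, detail) alerts for the three behaviour rules."""
    events = [parse(l) for l in log_text.splitlines() if l.strip()]
    alerts = []
    # Rule: traffic from countries not served
    unserved = {(e["ip"], e["country"]) for e in events
                if e["country"] not in SERVED_COUNTRIES}
    alerts += [("unserved_country", f"{ip} {cc}") for ip, cc in sorted(unserved)]
    # Rule: repeated sign-in failures from one client
    fails = Counter(e["ip"] for e in events
                    if e["path"] == "/login" and e["status"] == 401)
    alerts += [("signin_failures", f"{ip} x{n}")
               for ip, n in sorted(fails.items()) if n >= MAX_SIGNIN_FAILURES]
    # Rule: traffic spike, measured against the median requests per minute
    per_minute = Counter(e["minute"] for e in events)
    median = sorted(per_minute.values())[len(per_minute) // 2] if per_minute else 0
    alerts += [("traffic_spike", f"{m} {n} requests")
               for m, n in sorted(per_minute.items()) if n >= SPIKE_FACTOR * median]
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)  # a real deployment would send these to the paging system
```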
Containment
Use automated processes to isolate any further impact, like:
• Creating Network rules
Make sure the impacted surface does not grow
Investigation
• Analyze logs and timelines
• Check which alerting systems triggered
• Check Dashboards
Recovery: Get your environment back to a normal state
Lessons Learned: Make sure all misses are documented and ARs are assigned and tracked
Take Away #1: All applications are subject to exploits
Take Away #2: I’d rather invest more money on security checks, tools, automation, than risking customer/company data
Take Away #3: Security is a shared responsibility to be carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias