Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
DevOpsDays GDL
February 21, 2020
Technology
0
370
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
580
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
390
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
280
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
280
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
340
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
350
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
360
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
390
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
280
Other Decks in Technology
See All in Technology
Databricks Free Edition講座 データサイエンス編
taka_aki
0
290
システムのアラート調査をサポートするAI Agentの紹介/Introduction to an AI Agent for System Alert Investigation
taddy_919
2
1.7k
2人で作ったAIダッシュボードが、開発組織の次の一手を照らした話― Cursor × SpecKit × 可視化の実践 ― Qiita AI Summit
noalisaai
1
370
Mosaic AI Gatewayでコーディングエージェントを配るための運用Tips / JEDAI 2026 新春 Meetup! AIコーディング特集
genda
0
150
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
shift_evolve
PRO
1
180
セキュリティ はじめの一歩
nikinusu
0
1.5k
データの整合性を保ちたいだけなんだ
shoheimitani
7
2.9k
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
3k
CDKで始めるTypeScript開発のススメ
tsukuboshi
1
310
Meshy Proプラン課金した
henjin0
0
240
Agile Leadership Summit Keynote 2026
m_seki
1
340
Context Engineeringの取り組み
nutslove
0
280
Featured
See All Featured
XXLCSS - How to scale CSS and keep your sanity
sugarenia
249
1.3M
The Illustrated Children's Guide to Kubernetes
chrisshort
51
51k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
11
820
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
320
Paper Plane (Part 1)
katiecoart
PRO
0
4k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
1
54
Principles of Awesome APIs and How to Build Them.
keavy
128
17k
What’s in a name? Adding method to the madness
productmarketing
PRO
24
3.9k
Building an army of robots
kneath
306
46k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
1
1.4k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
240
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
taka_aki
taddy_919
noalisaai
genda
shift_evolve
nikinusu
shoheimitani
sansan33
tsukuboshi
henjin0
m_seki
nutslove
sugarenia
chrisshort
tammyeverts
chikuwait
katiecoart
akademiya2063
keavy
productmarketing
kneath
aleyda
tmiket
erikaheidi
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}