Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Leoswaldo Macias - Protecting your App in the ...
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
DevOpsDays GDL
February 21, 2020
Technology
0
380
Leoswaldo Macias - Protecting your App in the Cloud
DevOps Days GDL 2020 - February 20th
DevOpsDays GDL
February 21, 2020
Tweet
Share
More Decks by DevOpsDays GDL
See All by DevOpsDays GDL
Julian Limon - Aligned autonomy: How clarity on outcomes gets us to self-organized teams that win
devopsdaysgdl
0
580
Jorge Castro - Building DevOps Ways of Working at large Enterprise through learning, collaboration and Gamification experiences: Continuous WoWs, DevUps and Feedback
devopsdaysgdl
0
400
Salvador Elizarraras - Five Ways to Improve Team Performance
devopsdaysgdl
0
300
Tommy Adams - Cutting the Cord: Letting Your Remote Team Run Free
devopsdaysgdl
0
290
Cameron Motevasselani - Extending Spinnaker for the Enterprise
devopsdaysgdl
0
350
Jesus Contreras - Containers y DevTools en AWS
devopsdaysgdl
0
360
Liz fong-Jones - Production Excellence
devopsdaysgdl
0
370
Mofizur Rahman - Knative: Serverless Computing on Kubernetes
devopsdaysgdl
0
410
Ra Acosta - SAFe Journey 5.0
devopsdaysgdl
0
290
Other Decks in Technology
See All in Technology
Sansanでの認証基盤内製化と移行
sansantech
PRO
0
520
visionOS 開発向けの MCP / Skills をつくり続けることで XR の探究と学習を最大化
karad
1
210
モブプログラミング再入門 ー 基本から見直す、AI時代のチーム開発の選択肢 ー / A Re-introduction of Mob Programming
takaking22
5
1.6k
プラットフォームエンジニアリングはAI時代の開発者をどう救うのか
jacopen
6
3.6k
TypeScript 7.0の現在地と備え方
uhyo
7
1.2k
JAWS DAYS 2026 楽しく学ぼう!ストレージ 入門
yoshiki0705
2
190
クラウド × シリコンの Mashup - AWS チップ開発で広がる AI 基盤の選択肢
htokoyo
2
260
[JAWSDAYS2026]Who is responsible for IAM
mizukibbb
0
760
猫でもわかるKiro CLI(AI 駆動開発への道編)
kentapapa
0
220
Everything Claude Code を眺める
oikon48
9
5.9k
AI時代の「本当の」ハイブリッドクラウド — エージェントが実現した、あの頃の夢
ebibibi
0
130
ReactのdangerouslySetInnerHTMLは“dangerously”だから危険 / Security.any #09 卒業したいセキュリティLT
flatt_security
0
160
Featured
See All Featured
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
soudai
PRO
63
51k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
260
sira's awesome portfolio website redesign presentation
elsirapls
0
190
Side Projects
sachag
455
43k
More Than Pixels: Becoming A User Experience Designer
marktimemedia
3
350
Done Done
chrislema
186
16k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
380
Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes
mfonobong
2
320
My Coaching Mixtape
mlcsv
0
74
Statistics for Hackers
jakevdp
799
230k
Unsuck your backbone
ammeep
672
58k
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
71
Transcript
Protecting your App in the Cloud @LeoswaldoMacias
Misconception
Shared Responsibility Model
“If you have access to change it then it is
yours, if not, then it’s theirs”
Incident Prevention A process to set instruments/tools/services to avoid possible
threats or impacts during an attack Incident Response Plan What to do when once we are impacted
Compliance Updates Maintain your instances up to date (OS, Libraries)
Network Does this need to be public accessible? What ports should I let in? What traffic should go out? Encryption At rest In transit Secret Management Keep your secret data secret
Network: Content Delivery Network CDN Content Delivery Network Your App
WAF
Network: Web Application Firewalls Firewall Layer 3 and 4 WAF
Contains Layer 7 attacks by inspecting for: • SQL Injections • XSS • Origin Geographically requests • String appearances • … and more
At least you know How soon or late? What are
the actions taken?
Incident Response Plan • Preparation • Detection • Containment •
Investigation • Recovery • Lesson Learn
Preparation Log everything you can (this will also help for
auditing) • Application Logs • Server Logs • Network Logs (Traces) • Access Logs and more Design the infrastructure to prevent single point of failure
Detection Monitoring and Alerting • Behaviour rules like traffic spikes,
CPU and Memory consumption • Traffic from countries not served • Sign in failures Page System :(
Containment Use automated processes to isolate any further impact like:
• Creating Network rules Make sure the impacted surface does not grow
Investigation • Analyze logs and timelines • Check which alarming
systems triggered • Check Dashboards
Recovery Get your environment to normal state
Lessons Learned Make sure all missings are documented and ARs
are assigned and tracked
Take Away #1 All applications are subject to exploits
Take Away #2 I’d rather invest more money on security
checks, tools, automation, than risking customer/company data
Take Away #3 Security is a shared responsibility to be
carried among all company employees, not only the Security crew
Thanks! @LeoswaldoMacias
[email protected]
devopsdaysgdl
sansantech
karad
takaking22
jacopen
uhyo
yoshiki0705
htokoyo
mizukibbb
kentapapa
oikon48
ebibibi
flatt_security
soudai
inesmontani
elsirapls
sachag
marktimemedia
chrislema
konakalab
mfonobong
mlcsv
jakevdp
ammeep
akademiya2063
![Thanks! @LeoswaldoMacias [email protected]](https://files.speakerdeck.com/presentations/ab51c71ce2b6400f80ac8eaf2e44a58b/slide_19.jpg){kind=link}