Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Marc Seeger
May 20, 2014
Technology
0
15k
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
Tweet
Share
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
180
The DIRAC video codec
rb2k
1
84
Communitygetriebene Android Systemerweiterungen
rb2k
1
54
Alternative infrastructure
rb2k
1
180
NoSQL Lunch and Learn
rb2k
9
8.5k
Lunch and Learn: Cucumber and Capybara
rb2k
7
21k
Other Decks in Technology
See All in Technology
Entity Framework Core におけるIN句クエリ最適化について
htkym
0
140
なぜ あなたはそんなに re:Invent に行くのか?
miu_crescent
PRO
0
230
ESXi のAIOps だ!2025冬
unnowataru
0
450
Agent Skillsがハーネスの垣根を超える日
gotalab555
7
4.9k
[2025-12-12]あの日僕が見た胡蝶の夢 〜人の夢は終わらねェ AIによるパフォーマンスチューニングのすゝめ〜
tosite
0
220
[Neurogica] 採用ポジション/ Recruitment Position
neurogica
1
140
AWS re:Inventre:cap ~AmazonNova 2 Omniのワークショップを体験してきた~
nrinetcom
PRO
0
120
The State of AI Agent Security:2025年の総括と2026年の宿題
pict3
0
110
Microsoft Agent Frameworkの可観測性
tomokusaba
1
120
2025-12-27 Claude CodeでPRレビュー対応を効率化する@機械学習社会実装勉強会第54回
nakamasato
4
1.3k
Knowledge Work の AI Backend
kworkdev
PRO
0
340
Strands AgentsのEvaluatorをLangfuseにぶち込んでみた
andoooooo_bb
0
100
Featured
See All Featured
Between Models and Reality
mayunak
0
150
How Fast Is Fast Enough? [PerfNow 2025]
tammyeverts
3
420
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
sarafernandez
0
96
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
Evolving SEO for Evolving Search Engines
ryanjones
0
89
Navigating Team Friction
lara
191
16k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.6k
KATA
mclloyd
PRO
33
15k
Unsuck your backbone
ammeep
671
58k
svc-hook: hooking system calls on ARM64 by binary rewriting
retrage
1
37
The Pragmatic Product Professional
lauravandoore
37
7.1k
How to build an LLM SEO readiness audit: a practical framework
nmsamuel
1
590
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs
rb2k
htkym
miu_crescent
unnowataru
gotalab555
tosite
neurogica
nrinetcom
pict3
tomokusaba
nakamasato
kworkdev
andoooooo_bb
mayunak
tammyeverts
sarafernandez
denniskardys
ryanjones
lara
jcasabona
mclloyd
ammeep
retrage
lauravandoore
nmsamuel
![Quick risk assessment Lucid: [00:35:27] [email protected]:~# openssl version OpenSSL 0.9.8k](https://files.speakerdeck.com/presentations/9c065900c310013186c31652ff098141/slide_7.jpg){kind=link}
