Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Marc Seeger
May 20, 2014
Technology
0
15k
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
Tweet
Share
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
160
The DIRAC video codec
rb2k
1
79
Communitygetriebene Android Systemerweiterungen
rb2k
1
54
Alternative infrastructure
rb2k
1
170
NoSQL Lunch and Learn
rb2k
9
8.5k
Lunch and Learn: Cucumber and Capybara
rb2k
7
21k
Other Decks in Technology
See All in Technology
AIAgentの限界を超え、 現場を動かすWorkflowAgentの設計と実践
miyatakoji
0
120
AI時代だからこそ考える、僕らが本当につくりたいスクラムチーム / A Scrum Team we really want to create in this AI era
takaking22
6
2.9k
Windows で省エネ
murachiakira
0
160
Go Conference 2025: GoのinterfaceとGenericsの内部構造と進化 / Go type system internals
ryokotmng
3
620
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
3
20k
神回のメカニズムと再現方法/Mechanisms and Playbook for Kamikai scrumat2025
moriyuya
4
350
リーダーになったら未来を語れるようになろう/Speak the Future
sanogemaru
0
260
職種別ミートアップで社内から盛り上げる アウトプット文化の醸成と関係強化/ #DevRelKaigi
nishiuma
2
130
自作LLM Native GORM Pluginで実現する AI Agentバックテスト基盤構築
po3rin
2
240
コンテキストエンジニアリングとは? 考え方と応用方法
findy_eventslides
4
870
Azure Well-Architected Framework入門
tomokusaba
0
210
PLaMo2シリーズのvLLM実装 / PFN LLM セミナー
pfn
PRO
2
930
Featured
See All Featured
It's Worth the Effort
3n
187
28k
Facilitating Awesome Meetings
lara
56
6.6k
Building Flexible Design Systems
yeseniaperezcruz
329
39k
Automating Front-end Workflow
addyosmani
1371
200k
The Invisible Side of Design
smashingmag
301
51k
4 Signs Your Business is Dying
shpigford
185
22k
Build your cross-platform service in a week with App Engine
jlugia
232
18k
How to Think Like a Performance Engineer
csswizardry
27
2k
Speed Design
sergeychernyshev
32
1.1k
Become a Pro
speakerdeck
PRO
29
5.5k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
23
1.5k
Learning to Love Humans: Emotional Interface Design
aarron
274
40k
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs
rb2k
miyatakoji
takaking22
murachiakira
ryokotmng
sansan33
moriyuya
sanogemaru
nishiuma
po3rin
findy_eventslides
tomokusaba
pfn
3n
lara
yeseniaperezcruz
addyosmani
smashingmag
shpigford
jlugia
csswizardry
sergeychernyshev
speakerdeck
honnibal
aarron
![Quick risk assessment Lucid: [00:35:27] [email protected]:~# openssl version OpenSSL 0.9.8k](https://files.speakerdeck.com/presentations/9c065900c310013186c31652ff098141/slide_7.jpg){kind=link}
