Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Marc Seeger
May 20, 2014
Technology
15k
0
Share
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
190
The DIRAC video codec
rb2k
1
94
Communitygetriebene Android Systemerweiterungen
rb2k
1
59
Alternative infrastructure
rb2k
1
180
NoSQL Lunch and Learn
rb2k
9
8.6k
Lunch and Learn: Cucumber and Capybara
rb2k
7
22k
Other Decks in Technology
See All in Technology
開発チームとQAエンジニアの新しい協業モデル -年末調整開発チームで実践する【QAリード施策】-
kaomi_wombat
0
280
AIにより大幅に強化された AWS Transform Customを触ってみる
0air
0
240
私がよく使うMCPサーバー3選と社内で安全に活用する方法
kintotechdev
0
150
DMBOKを使ってレバレジーズのデータマネジメントを評価した
leveragestech
0
500
Podcast配信で広がったアウトプットの輪~70人と音声発信してきた7年間~/outputconf_01
fortegp05
0
170
20260326_AIDD事例紹介_ULSC.pdf
findy_eventslides
0
280
Cursor Subagentsはいいぞ
yug1224
2
130
TUNA Camp 2026 京都Stage ヒューリスティックアルゴリズム入門
terryu16
0
650
AI時代のオンプレ-クラウドキャリアチェンジ考
yuu0w0yuu
0
680
互換性のある(らしい)DBへの移行など考えるにあたってたいへんざっくり
sejima
PRO
0
480
脳が溶けた話 / Melted Brain
keisuke69
1
1.1k
PostgreSQL 18のNOT ENFORCEDな制約とDEFERRABLEの関係
yahonda
0
150
Featured
See All Featured
We Have a Design System, Now What?
morganepeng
55
8.1k
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
1
500
Agile that works and the tools we love
rasmusluckow
331
21k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3.4k
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
160
What’s in a name? Adding method to the madness
productmarketing
PRO
24
4k
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
livdayseo
0
91
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.2k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
2k
Rebuilding a faster, lazier Slack
samanthasiow
85
9.4k
ラッコキーワード サービス紹介資料
rakko
1
2.8M
Building a Modern Day E-commerce SEO Strategy
aleyda
45
9k
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs
rb2k
kaomi_wombat
0air
kintotechdev
leveragestech
fortegp05
findy_eventslides
yug1224
terryu16
yuu0w0yuu
sejima
keisuke69
yahonda
morganepeng
inesmontani
rasmusluckow
eileencodes
jacobtomlinson
productmarketing
livdayseo
ivargrimstad
aleyda
samanthasiow
rakko
![Quick risk assessment Lucid: [00:35:27] [email protected]:~# openssl version OpenSSL 0.9.8k](https://files.speakerdeck.com/presentations/9c065900c310013186c31652ff098141/slide_7.jpg){kind=link}
