Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Marc Seeger
May 20, 2014
Technology
0
15k
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
Tweet
Share
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
180
The DIRAC video codec
rb2k
1
89
Communitygetriebene Android Systemerweiterungen
rb2k
1
57
Alternative infrastructure
rb2k
1
180
NoSQL Lunch and Learn
rb2k
9
8.6k
Lunch and Learn: Cucumber and Capybara
rb2k
7
22k
Other Decks in Technology
See All in Technology
「Blue Team Labs Online」入門 - みんなで挑むログ解析バトル
v_avenger
0
120
Oracle Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
4
1.1k
タスク管理も1on1も、もう「管理」じゃない ― KiroとBedrock AgentCoreで変わった"判断の仕事"
yusukeshimizu
5
1.9k
A Gentle Introduction to Transformers
keio_smilab
PRO
2
930
楽しく学ぼう!ネットワーク入門
shotashiratori
0
300
ヘルシーSRE
tk3fftk
2
240
S3はフラットである –AWS公式SDKにも存在した、 署名付きURLにおけるパストラバーサル脆弱性– / JAWS DAYS 2026
flatt_security
0
950
事例に見るスマートファクトリーへの道筋〜工場データをAI Readyにする実践ステップ〜
hamadakoji
0
210
聲の形にみるアクセシビリティ
tomokusaba
0
150
AIエージェント・エコノミーの幕開け 〜 オープンプロトコルが変えるビジネスの未来 〜
shukob
0
110
モブプログラミング再入門 ー 基本から見直す、AI時代のチーム開発の選択肢 ー / A Re-introduction of Mob Programming
takaking22
5
750
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
4
22k
Featured
See All Featured
Odyssey Design
rkendrick25
PRO
2
540
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Darren the Foodie - Storyboard
khoart
PRO
3
2.8k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
110k
Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025
aleyda
1
1.9k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.8k
sira's awesome portfolio website redesign presentation
elsirapls
0
190
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.2k
The innovator’s Mindset - Leading Through an Era of Exponential Change - McGill University 2025
jdejongh
PRO
1
120
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
aleyda
1
1.8k
Ethics towards AI in product and experience design
skipperchong
2
220
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
140
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs
rb2k
v_avenger
oracle4engineer
yusukeshimizu
keio_smilab
shotashiratori
tk3fftk
flatt_security
hamadakoji
tomokusaba
shukob
takaking22
sansan33
rkendrick25
samlambert
khoart
twada
aleyda
honnibal
elsirapls
geoffreycrofte
jdejongh
skipperchong
sabderemane
![Quick risk assessment Lucid: [00:35:27] [email protected]:~# openssl version OpenSSL 0.9.8k](https://files.speakerdeck.com/presentations/9c065900c310013186c31652ff098141/slide_7.jpg){kind=link}
