$30 off During Our Annual Pro Sale. View Details »
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Heartbleed at Acquia
Search
Marc Seeger
May 20, 2014
Technology
0
15k
Heartbleed at Acquia
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Marc Seeger
May 20, 2014
Tweet
Share
More Decks by Marc Seeger
See All by Marc Seeger
Security in DECT
rb2k
2
180
The DIRAC video codec
rb2k
1
83
Communitygetriebene Android Systemerweiterungen
rb2k
1
54
Alternative infrastructure
rb2k
1
180
NoSQL Lunch and Learn
rb2k
9
8.5k
Lunch and Learn: Cucumber and Capybara
rb2k
7
21k
Other Decks in Technology
See All in Technology
Lessons from Migrating to OpenSearch: Shard Design, Log Ingestion, and UI Decisions
sansantech
PRO
1
120
コンテキスト情報を活用し個社最適化されたAI Agentを実現する4つのポイント
kworkdev
PRO
0
660
mairuでつくるクレデンシャルレス開発環境 / Credential-less development environment using Mailru
mirakui
1
160
re:Invent 2025 ~何をする者であり、どこへいくのか~
tetutetu214
0
210
【AWS re:Invent 2025速報】AIビルダー向けアップデートをまとめて解説!
minorun365
4
510
技術以外の世界に『越境』しエンジニアとして進化を遂げる 〜Kotlinへの愛とDevHRとしての挑戦を添えて〜
subroh0508
1
440
大企業でもできる!ボトムアップで拡大させるプラットフォームの作り方
findy_eventslides
1
750
EM歴1年10ヶ月のぼくがぶち当たった苦悩とこれからへ向けて
maaaato
0
270
モダンデータスタック (MDS) の話とデータ分析が起こすビジネス変革
sutotakeshi
0
470
AI 駆動開発勉強会 フロントエンド支部 #1 w/あずもば
1ftseabass
PRO
0
350
[JAWS-UG 横浜支部 #91]DevOps Agent vs CloudWatch Investigations -比較と実践-
sh_fk2
2
250
5分で知るMicrosoft Ignite
taiponrock
PRO
0
350
Featured
See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
16k
A Modern Web Designer's Workflow
chriscoyier
698
190k
GitHub's CSS Performance
jonrohan
1032
470k
BBQ
matthewcrist
89
9.9k
Building Flexible Design Systems
yeseniaperezcruz
330
39k
The World Runs on Bad Software
bkeepers
PRO
72
12k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.5k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.6k
[SF Ruby Conf 2025] Rails X
palkan
0
510
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
9.8k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
196
70k
Documentation Writing (for coders)
carmenintech
76
5.2k
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment Lucid: [00:35:27]
[email protected]
:~# openssl version OpenSSL 0.9.8k
25 Mar 2009 ! Precise: [00:34:37]
[email protected]
:~# openssl version OpenSSL 1.0.1 14 Mar 2012
Where’s Waldo OpenSSL 8000 EC2 Machines: - 99.9% of them
puppetized - Candidates: - Balancers - SVN Servers - Appliances - ELBs - 3rd party AMIs - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout Australia: ! Con: - Spiders - Snakes ! Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal • Pre-determined chat rooms • Dial-in conference bridges •
A communication plan Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs
rb2k
sansantech
kworkdev
mirakui
tetutetu214
minorun365
subroh0508
findy_eventslides
maaaato
sutotakeshi
1ftseabass
sh_fk2
taiponrock
sstephenson
chriscoyier
jonrohan
matthewcrist
yeseniaperezcruz
bkeepers
philnash
bcantrill
palkan
eileencodes
soudai
carmenintech
![Quick risk assessment Lucid: [00:35:27] [email protected]:~# openssl version OpenSSL 0.9.8k](https://files.speakerdeck.com/presentations/9c065900c310013186c31652ff098141/slide_7.jpg){kind=link}
