Heartbleed at Acquia
Marc Seeger
May 20, 2014
A quick presentation on how we handled Heartbleed at Acquia. Held at a DevOps Boston meetup.
Transcript
Marc Seeger (@rb2k) Boston Devops Meetup May 20th 2014 at
Act 1: Technology
How it all started 7:24 PM
How it all started 7:30 PM
How it all started 7:26 PM
How it all started 7:33 PM
How it all started
Quick risk assessment
Lucid:
[00:35:27] [email protected]:~# openssl version
OpenSSL 0.9.8k 25 Mar 2009
Precise:
[00:34:37] [email protected]:~# openssl version
OpenSSL 1.0.1 14 Mar 2012
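The version check from this slide, extended to a whole inventory, as an added example that is not from the original deck. The `host|banner` input format, the function names and the hostnames are assumptions made for illustration.

```shell
#!/bin/sh
# Triage `openssl version` banners collected from a fleet against the upstream
# Heartbleed-affected releases: 1.0.1 through 1.0.1f, plus 1.0.2-beta1.

# Print in-range, out-of-range or unknown for one banner line.
classify_openssl() {
    # "OpenSSL 1.0.1 14 Mar 2012" -> "1.0.1"; anything else -> empty
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }')
    case "$ver" in
        "") echo "unknown" ;;
        # Bare 1.0.1, letter releases a-f, and vendor suffixes such as -fips
        1.0.1|1.0.1-*|1.0.1[a-f]|1.0.1[a-f]-*|1.0.2-beta1) echo "in-range" ;;
        *) echo "out-of-range" ;;
    esac
}

# Read "host|banner" lines on stdin, write "host|verdict" lines.
triage_fleet() {
    while IFS='|' read -r host banner; do
        [ -n "$host" ] || continue
        printf '%s|%s\n' "$host" "$(classify_openssl "$banner")"
    done
}

# Constructed inventory: hostnames are placeholders; the first two banners are
# the ones on the slide, the rest are made up to cover the edge cases.
sample_inventory() {
    cat <<'EOF'
lucid-host.example|OpenSSL 0.9.8k 25 Mar 2009
precise-host.example|OpenSSL 1.0.1 14 Mar 2012
fips-host.example|OpenSSL 1.0.1e-fips 11 Feb 2013
patched-host.example|OpenSSL 1.0.1g 7 Apr 2014
appliance.example|sh: openssl: not found
EOF
}

# in-range is a lead, not a verdict: distributions backport the fix without
# changing the upstream version, so confirm against the installed package
# version or the "built on" date from `openssl version -a`.
sample_inventory | triage_fleet
```

Hosts that come back `unknown` still need a look, since software can bundle its own copy of the library without shipping the `openssl` binary.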
Where’s Waldo OpenSSL
8000 EC2 Machines:
- 99.9% of them puppetized
- Candidates:
  - Balancers
  - SVN Servers
  - Appliances
  - ELBs
  - 3rd party AMIs
  - Unique little snowflakes (Jira, Crucible,…)
Let the patching begin
Rollout
Australia:
Con:
- Spiders
- Snakes
Pro:
- Ops is awake
Rollout
Scan www
Waiting on ELBs…
Internal Certificates
Suddenly: “reverse” Heartbleed
Act 2: Communication
Internal
• Pre-determined chat rooms
• Dial-in conference bridges
• A communication plan
Thanks SSAE-16, PCI and FedRAMP… I guess :)
Statuspage + Twitter * Powered by StatusPage.io *
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
Proactive communication Phone calls by Acquia support, TAMs, …
Since then: Post mortem
Since then: Incident Commander (shamelessly stolen from Heroku) http://en.wikipedia.org/wiki/Incident_command_system
Since then: Dedicated resource to vet security threats
Since then: Clean up intranet docs
Since then: Additional tooling
We’re hiring (shameless self promotion) bit.ly/acquiajobs