Marc Seeger Devops Meetup - Lessons from Heartbleed
Marc Seeger
A presentation I gave at DevOps Boston on how we handled the Heartbleed bug at Acquia
1.
Marc Seeger (@rb2k)
Boston Devops Meetup May 20th 2014 at
2.
Act 1: Technology
3.
How it all started (7:24 PM)
4.
How it all started (7:30 PM)
5.
How it all started (7:26 PM)
6.
How it all started (7:33 PM)
7.
How it all started
8.
Quick risk assessment
Lucid:
[00:35:27] root@bal-2.dev:~# openssl version
OpenSSL 0.9.8k 25 Mar 2009
Precise:
[00:34:37] root@master.dev:~# openssl version
OpenSSL 1.0.1 14 Mar 2012
9.
Where’s Waldo OpenSSL
8000 EC2 Machines:
- 99.9% of them puppetized
- Candidates:
  - Balancers
  - SVN Servers
  - Appliances
  - ELBs
  - 3rd party AMIs
  - Unique little snowflakes (Jira, Crucible,…)
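The version check from slide 8, applied across an inventory like the one on slide 9, as an added example that is not from the talk or from Acquia's tooling. It assumes one `openssl version` line has been collected per host; the function names and every hostname other than bal-2.dev and master.dev are constructed, and the affected range used is the upstream one (OpenSSL 1.0.1 through 1.0.1f, plus the 1.0.2 betas before beta2).

```shell
#!/bin/sh
# Classify one line of `openssl version` output against the upstream
# Heartbleed range. "check-package" rather than "vulnerable": distributions
# backport the fix without changing the upstream version string, so a host
# in this range still needs its package version (or build date) verified.
classify_openssl() {
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }')
    case "$ver" in
        "")                                     echo "unknown" ;;
        1.0.1|1.0.1[a-f]|1.0.1-*|1.0.1[a-f]-*)  echo "check-package" ;;
        1.0.2-beta|1.0.2-beta1)                 echo "check-package" ;;
        *)                                      echo "not-affected" ;;
    esac
}

# Read "host<TAB>openssl version output" lines on stdin and print
# "host<TAB>status" for every host that cannot be ruled out. Hosts that
# returned no parsable banner are reported too, not silently skipped.
triage_fleet() {
    while IFS="$(printf '\t')" read -r host banner; do
        [ -n "$host" ] || continue
        status=$(classify_openssl "$banner")
        if [ "$status" != "not-affected" ]; then
            printf '%s\t%s\n' "$host" "$status"
        fi
    done
}

# Constructed inventory. The first two banners are the ones shown on
# slide 8; the remaining hosts and banners are made up for illustration.
sample_inventory() {
    printf 'bal-2.dev\tOpenSSL 0.9.8k 25 Mar 2009\n'
    printf 'master.dev\tOpenSSL 1.0.1 14 Mar 2012\n'
    printf 'svn-1.example\tOpenSSL 1.0.1g 7 Apr 2014\n'
    printf 'jira.example\tOpenSSL 1.0.1e-fips 11 Feb 2013\n'
    printf 'appliance-3.example\t-bash: openssl: command not found\n'
}

sample_inventory | triage_fleet
```

The banner only reflects the installed library; long-running services keep the old library mapped until they are restarted.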
10.
Let the patching begin
11.
Rollout Australia:
Con:
- Spiders
- Snakes
Pro:
- Ops is awake
12.
Rollout
13.
Scan www
14.
Waiting on ELBs…
15.
Internal Certificates
16.
Suddenly: “reverse” Heartbleed
17.
Act 2: Communication
18.
Internal
• Pre-determined chat rooms
• Dial-in conference bridges
• A communication plan
Thanks SSAE-16, PCI and FedRAMP… I guess :)
19.
Statuspage + Twitter *
Powered by StatusPage.io *
20.
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
21.
Proactive communication
Phone calls by Acquia support, TAMs, …
22.
Since then: Post mortem
23.
Since then: Incident Commander (shamelessly stolen from Heroku)
http://en.wikipedia.org/wiki/Incident_command_system
24.
Since then: Dedicated resource to vet security threats
25.
Since then: Clean up intranet docs
26.
Since then: Additional tooling
27.
We’re hiring (shameless self promotion)
bit.ly/acquiajobs