DevOps Boston - Heartbleed at Acquia
Marc Seeger
A presentation I gave at DevOps Boston on how we handled the Heartbleed bug at Acquia
1.
Marc Seeger (@rb2k)
Boston Devops Meetup, May 20th 2014 at
2.
Act 1: Technology
3.
How it all started 7:24 PM
4.
How it all started 7:30 PM
5.
How it all started 7:26 PM
6.
How it all started 7:33 PM
7.
How it all started
8.
Quick risk assessment
Lucid:
    [00:35:27] root@bal-2.dev:~# openssl version
    OpenSSL 0.9.8k 25 Mar 2009
Precise:
    [00:34:37] root@master.dev:~# openssl version
    OpenSSL 1.0.1 14 Mar 2012
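The version check on this slide, extended to a fleet inventory, as an added example that is not part of the talk. It assumes Heartbleed's affected upstream range (OpenSSL 1.0.1 through 1.0.1f, plus 1.0.2-beta1); the function names, the `host|output` inventory format and the two `web-*.example` hosts are constructed for illustration. A hit only means "in the affected range": distributions backport the fix without changing the upstream version string, so those hosts still need a check of the installed package build.

```shell
#!/bin/sh
# Classify one line of `openssl version` output.
# Prints: not-affected | affected-range | unknown
classify_openssl() {
    # Second field is the upstream version, e.g. 0.9.8k or 1.0.1e-fips
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }')
    case "$ver" in
        "")
            echo unknown ;;
        1.0.1|1.0.1[a-f]|1.0.1-*|1.0.1[a-f]-*|1.0.2-beta1)
            # Upstream range with the heartbeat bug. A patched distro
            # package can report the same string, so verify the
            # package build before calling the host vulnerable.
            echo affected-range ;;
        *)
            echo not-affected ;;
    esac
}

# Constructed inventory: first two entries are the outputs shown on
# the slide, the last two are made-up hosts added for contrast.
sample_inventory() {
cat <<'EOF'
bal-2.dev|OpenSSL 0.9.8k 25 Mar 2009
master.dev|OpenSSL 1.0.1 14 Mar 2012
web-1.example|OpenSSL 1.0.1e-fips 11 Feb 2013
web-2.example|OpenSSL 1.0.1g 7 Apr 2014
EOF
}

# Read "host|openssl version output" lines, print "host<TAB>status".
triage() {
    while IFS='|' read -r host out; do
        printf '%s\t%s\n' "$host" "$(classify_openssl "$out")"
    done
}

sample_inventory | triage
```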
9.
Where’s Waldo OpenSSL
8000 EC2 Machines:
- 99.9% of them puppetized
- Candidates:
  - Balancers
  - SVN Servers
  - Appliances
  - ELBs
  - 3rd party AMIs
  - Unique little snowflakes (Jira, Crucible,…)
10.
Let the patching begin
11.
Rollout
Australia:
Con:
- Spiders
- Snakes
Pro:
- Ops is awake
12.
Rollout
13.
Scan www
14.
Waiting on ELBs…
15.
Internal Certificates
16.
Suddenly: “reverse” Heartbleed
17.
Act 2: Communication
18.
Internal
• Pre-determined chat rooms
• Dial-in conference bridges
• A communication plan
Thanks SSAE-16, PCI and FedRAMP… I guess :)
19.
Statuspage + Twitter
* Powered by StatusPage.io
20.
Documentation https://docs.acquia.com/articles/heartbleed-acquia-cloud
21.
Proactive communication
Phone calls by Acquia support, TAMs, …
22.
Since then: Post mortem
23.
Since then: Incident Commander (shamelessly stolen from Heroku)
http://en.wikipedia.org/wiki/Incident_command_system
24.
Since then: Dedicated resource to vet security threats
25.
Since then: Clean up intranet docs
26.
Since then: Additional tooling
27.
We’re hiring (shameless self promotion)
bit.ly/acquiajobs