DevOps Boston - Heartbleed at Acquia
Marc Seeger
A presentation I gave at DevOps Boston on how we handled the Heartbleed bug at Acquia
1.
Marc Seeger (@rb2k)
Boston Devops Meetup May 20th 2014 at
2.
Act 1: Technology
3.
How it all started: 7:24 PM
4.
How it all started: 7:30 PM
5.
How it all started: 7:26 PM
6.
How it all started: 7:33 PM
7.
How it all started
8.
Quick risk assessment
Lucid:
[00:35:27] root@bal-2.dev:~# openssl version
OpenSSL 0.9.8k 25 Mar 2009
Precise:
[00:34:37] root@master.dev:~# openssl version
OpenSSL 1.0.1 14 Mar 2012
9.
Where’s Waldo OpenSSL
8000 EC2 Machines:
- 99.9% of them puppetized
- Candidates:
  - Balancers
  - SVN Servers
  - Appliances
  - ELBs
  - 3rd party AMIs
  - Unique little snowflakes (Jira, Crucible,…)
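The version check from the quick risk assessment, run over a host inventory, as an added example (not from the original slides). It assumes an inventory of `host|openssl version output` lines; the `.example` hosts and all function names are constructed. It covers only the 0.9.8, 1.0.0 and 1.0.1 branches and reports anything else as unknown for manual review.

```shell
#!/bin/sh
# Added example: triage `openssl version` output for Heartbleed exposure.
# Upstream OpenSSL 1.0.1 through 1.0.1f contain the vulnerable heartbeat code;
# 0.9.8 and 1.0.0 never had it, and 1.0.1g is the upstream fix.
LC_ALL=C; export LC_ALL

# classify_openssl "<one line of openssl version output>"
# Prints: not-affected | in-affected-range | fixed-upstream | unknown
classify_openssl() {
    # Field 2 is the version, e.g. "1.0.1", "0.9.8k", "1.0.1e-fips".
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }')
    ver=${ver%%-*}    # drop build suffixes such as "-fips"
    case "$ver" in
        0.9.*|1.0.0|1.0.0[a-z]) echo not-affected ;;
        # In range is not proof: distributions backport the fix without
        # changing this string, so follow up with the package version or
        # the build date from `openssl version -b`.
        1.0.1|1.0.1[a-f])       echo in-affected-range ;;
        1.0.1[g-z])             echo fixed-upstream ;;
        *)                      echo unknown ;;
    esac
}

# triage_inventory: reads "host|openssl version output" lines on stdin and
# prints "status<TAB>host", sorted by status.
triage_inventory() {
    while IFS='|' read -r host out; do
        [ -n "$host" ] || continue
        printf '%s\t%s\n' "$(classify_openssl "$out")" "$host"
    done | sort
}

# Constructed sample: the first two lines reuse the output shown on the
# slide; the .example hosts are made up for illustration.
sample_inventory() {
    cat <<'EOF'
bal-2.dev|OpenSSL 0.9.8k 25 Mar 2009
master.dev|OpenSSL 1.0.1 14 Mar 2012
snowflake-1.example|OpenSSL 1.0.1g 7 Apr 2014
appliance-1.example|sh: openssl: not found
EOF
}

sample_inventory | triage_inventory
```

Hosts reported as `unknown` (no `openssl` binary, other branches) still need a manual look, since libraries can be bundled or statically linked.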
10.
Let the patching begin
11.
Rollout
Australia:
Con:
- Spiders
- Snakes
Pro:
- Ops is awake
12.
Rollout
13.
Scan www
14.
Waiting on ELBs…
15.
Internal Certificates
16.
Suddenly: “reverse” Heartbleed
17.
Act 2: Communication
18.
Internal
• Pre-determined chat rooms
• Dial-in conference bridges
• A communication plan
Thanks SSAE-16, PCI and FedRAMP… I guess :)
19.
Statuspage + Twitter *
Powered by StatusPage.io *
20.
Documentation
https://docs.acquia.com/articles/heartbleed-acquia-cloud
21.
Proactive communication
Phone calls by Acquia support, TAMs, …
22.
Since then: Post mortem
23.
Since then: Incident Commander (shamelessly stolen from Heroku)
http://en.wikipedia.org/wiki/Incident_command_system
24.
Since then: Dedicated resource to vet security threats
25.
Since then: Clean up intranet docs
26.
Since then: Additional tooling
27.
We’re hiring (shameless self promotion)
bit.ly/acquiajobs