security @ large scale
Security @ Large Scale
http://www.flickr.com/photos/8164746@N05/2329405200/
What is security?
… protecting your servers, code, data, network, users from the bad guys
What is large scale?
Big infra (apps, servers, routers, firewalls), lots of stored data, lots of streaming data, partners
… so much that it's humanly impossible to manage or make sense of … and where traditional technologies fail to help
What is security @ large scale?
When traditional security techniques fail. Too many devices to manage. Too many logs. Many ways of getting attacked. Lots of applications. Multiple programming stacks. Lots of code pushed out daily. Acquisitions. Mergers. Outsourced Service Providers. 3rd party software.
DoS – a novice as well as a sophisticated attacker’s attack
Monitor, Learn, Adapt
The mystery of DDoS
Is it the holiday traffic or a botnet? Sometimes just being a difficult or expensive target is a win… also called raising the bar
0-day attacks @ layer 7
Telnet, FTP, SMTP, DNS, HTTP, RPC, SIP, SSH
Tighten up access. Let the enemy come between the mountains.
For 90%, Internet is HTTP or World Wild Web
Amazon, Flickr, Tumblr, Gmail, Y! News, FB, Y! Finance, Twitter, Y! Weather, G Maps
And now you have the mobile first
worms: large scale client side attacks
https://superevr.com/blog/2011/xss-in-skype-for-ios/
worms: large scale server side attacks
Step 1: Attacker shuts DB
Step 2: Victim can’t do anything on the website. DB is down
Bad-man in the middle. Everywhere.
Internal is not always Internal
Advanced Persistent Threat (APT)
1 + 1 + 1 = ?
Aurora, Stuxnet
Use technology for it
Hadoop, MapReduce, Data Mining, CommonCrawler, Nutch, Splunk, NodeJS, PhantomJS…
To win some battles, you need Avengers
Restrictive ACLs, Continuous Inventory Discovery, Proactive Vulnerability Detection, Patch Management beyond at Web layer, Secure programming stack, Abuse Detection, Static Analysis, Dynamic Analysis, Red Team, Trainings, Bug Recognition / Bounty program