If you can't read please download the document
Upload
devseccon-limited
View
171
Download
0
Embed Size (px)
Citation preview
Public And Private Cloud Meta-Data And Why It Is Useful
Public And Private Cloud Metadata And Why It Is Useful
Steven Armstrong
Who Am I And What Do I Do?
Steven Armstrong
Principal Automation Engineer @Betfair
I make invisible robots
Working in configuration management for 9 years
DevOps practitioner
Build continuous integration and deployment pipelines
Automate everything, always
Security Has Changed
https://lh6.googleusercontent.com/UoG1Rt_Sut6dPfAOHbtmzUqEZFbuL0bAIWZem-UYk4A40srgqCsjeXsikTxPF7h-fz9Gvx0_sO95ekKf6hRW6j5vAKxIYnsJCIffi58Clvlf610JEvp4nABYocboK5P6ED3i7O8So Security Processes Need To Evolve
https://insights.sei.cmu.edu/assets/content/CISecurityChecking2.pngDevOps Processes Should Mean..
https://lh6.googleusercontent.com/TKt2vCbrJ5gFzS_tKpp61RkaUH7oZG9rBxmhWh3UPVmPu7S2tE2ESUIShvA8efHNh9JqKRWWYmd6Vi9Eu-PVR9WdLVaez98w0sHpUtvXUIQZ6eAb_9mebyzy8z8hpN3L7DL6aGwAnd Should Make PCI Easier
https://lh4.googleusercontent.com/aR8AfZwUWGKUVHXrzS_Ssz30p960FQ6JvQYmzx8Frqlu9ZmD3OG3TZPZgKQGaZx6u38AfR-5BK4Sddwi8t5GyoS3NL5GA2CCkF3Trv5aYcstqklr65Us1oEBDN5gu8elo5dEhlICurrent Situation With Some Security Practitioners
https://lh4.googleusercontent.com/PFQe-9nSgyI0wJfzFYqYsoHLTcqRwzAiKLBtKcuwrGqY3Fujdhq53PuHsmkhhircSzkmgJvdayM8XyhTI5UOx-TTxkDrV51uAhXwQmeHhfWoPZBX7IQgkDZDq1MsUSSf6Ddjgh8Current Viewpoint Of Some IT Staff
https://lh6.googleusercontent.com/h9_-ygbZZDPs20Ua_wUxBS0EmVkg89XlXw_NO3fS-wGkUSTC4I15QDcyyX6w4rpVCEUNK-lCx1QjOWGa0O8jP1jU5LeoZE_niqv7yL0cgKskUzMXPZyOBLvpIVYO-AnYIKOtnCkDevOps And Security Practitioners Have A Responsibility To Avoid
http://images.sodahead.com/polls/003900393/432928432_Blocked_xlarge.jpegWe Need To Help Avoid
https://lh4.googleusercontent.com/HiAgDY_-nYeJkenIJvGF42F4jEuypQKRxcNTZosGuFQeZ842ZKo7XzlWzJ3umOsbjMDvQePW6F25o1wMXLaW7wzFMN51c2aC5N8t95AP5P6f-QtoO0B_5KjPoc_gTmoJIJRUi9cAnd Move To This
https://pearlsofprofundity.files.wordpress.com/2014/06/information-is-power-2.jpgHow Cloud Metadata Can Help Sort Information
https://lh4.googleusercontent.com/ozQhgFVUF5_aobxNU9rfIZUR2alIEWhh2_3FEuE9lVjwn8McTFYo_xoeZSK7uaFOb3aqphrdzIMr3D02sl2i16u9QV_2EwGaNyc2mQzXue3ahiDkiWbflJDBCweRUL06wa8J_WYIntroducing Ansible To Help
http://img.memecdn.com/fuck-you-i-will-tag-everything_fb_739409.jpghttps://moozing.files.wordpress.com/2015/08/ansible-logo.pngAnsible Inventory File
https://moozing.files.wordpress.com/2015/08/ansible-logo.pngProvision VMs or Physical Servers tag with metadata
Ansible Dynamic Inventory
Python dynamic inventory file queries underlying apis to act as a service discovery tool
Returns json inventory in real time of cloud estate
Filter machines based on tags
Carry out particular operations on servers using filters
ansible-playbook i openstack.py l riemann_qa playbooks/run_chef.yml
https://moozing.files.wordpress.com/2015/08/ansible-logo.pngAll Cloud Providers Have Metadata And Ansible Dynamic Inventories
https://upload.wikimedia.org/wikipedia/commons/thumb/8/80/The_OpenStack_logo.svg/2000px-The_OpenStack_logo.svg.pnghttps://regmedia.co.uk/2012/06/21/red_hat_logo.png?x=1200&y=794http://freshservice.com/files/7914/3867/5085/Freshservice-AWS.jpghttps://www.mirantis.com/wp-content/uploads/2013/02/vmware_view_pilot-5132020.jpghttp://www.severalnines.com/sites/default/files/acs_logo.pngDevOps Use Case: Install software on boxes
ansible-playbook i openstack.py l riemann_prod playbooks/run_chef.yml
DevOps Use Case: Roll boxes off load balancer at a particular version and new boxes into service
ansible-playbook i openstack.py l riemann_prod playbooks/loadbalancer.yml
Security Use Case: Assign Servers To Teams or Owners
ansible-playbook i openstack.py l production playbooks/email_owners.yml
Security Use Case: Tag Open Vulnerabilities On Boxes
Security Use Case: Targeted Patching or Updates Like Shellshock
ansible-playbook i openstack.py l production playbooks/ad_hoc_patch.yml
Lots More Possibilities
http://www.quotehd.com/imagequotes/authors19/tmb/richard-seaworth-quote-i-think-were-only-scratching-the-surface-on-the.jpgQuestions?
https://jessicalaurenjane.files.wordpress.com/2014/01/never.jpgContact
Info: [email protected]
Blog: http://www.devarmstrongops.blogspot.co.uk/
tweet: @Steve9Armstrong
!!!Come to our continuous delivery workshop later today which will
show Betfairs deployment pipeline and how we have integrated
security scanning into it!!!
Click to edit Master title style
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
http://devseccon.com/images/bw-room-blue.JPGClick to edit Master title style
Click to edit Master subtitle style
LONDON 2015
Join the conversation #devseccon
Click to edit Master title style
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
http://devseccon.com/images/bw-room-blue.JPGClick to edit Master title style
LONDON 2015
Join the conversation #devseccon
Click to edit Master title style
Click to edit Master text styles
04/10/2015
Click to edit Master title style
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
04/10/2015
Click to edit Master title style
Click to edit Master text styles
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
Click to edit Master text styles
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
04/10/2015
Click to edit Master title style
04/10/2015
04/10/2015
Click to edit Master title style
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
Click to edit Master text styles
04/10/2015
Click to edit Master title style
Click icon to add picture
Click to edit Master text styles
04/10/2015
Click to edit Master title style
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
04/10/2015
Click to edit Master title style
Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
04/10/2015