DevOops - Redux

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses, Disaster Recovery Courses

Course Description

Overview

Explore defensive countermeasures and real-world experiences in preventing attacks targeting DevOps environments in this 52-minute conference talk from AppSecUSA 2016. Delve into common vulnerabilities in DevOps setups and learn preventative measures for teams using AWS, Continuous Integration, GitHub, and other DevOps tools. Gain insights on AWS hardening, monitoring, and disaster recovery techniques, as well as GitHub monitoring, OPINT, secure software development practices, and developer laptop hardening for OS X. Discover how to implement secure usage of Jenkins/Hudson and improve overall DevOps security posture. Presented by Chris Gates, a Senior Security Engineer with extensive penetration testing experience, and Ken Johnson, CTO of nVisium, this talk offers valuable knowledge for both offensive and defensive security professionals working in DevOps environments.

Syllabus

Background: CG
Monitoring External Services
Monitoring GitHub
AWS Access Keys Example
Monitoring Goals
Host Protections
Hardening Checklist
Don't Use Root Account
Example Password Policy
Hardening Recap
AWS CloudTrail
AWS Monitoring (SNS)
AWS Config
AWS Monitoring (Config)
AWS CloudWatch
AWS Monitoring (CloudWatch - Billing)
AWS Monitoring (CloudWatch - Root Login)
AWS Monitoring (CloudWatch - Failed Logins)
AWS Monitoring (Unauthorized Activity)
AWS Monitoring (CloudWatch) - Filter Patterns
AWS + Splunk
Monitoring Recap
AWS Restoration & Recovery
AWS Incident Response
View this Presentation Here


Taught by

OWASP Foundation
