Security @ large scale
bishan-singh
Transcript of Security @ large scale
Security @ Large Scale
http://www.flickr.com/photos/8164746@N05/2329405200/
What is security?
… protecting your servers, code, data, network, users from the bad guys
What is large scale?
Big infra (apps, servers, routers, firewalls), lots of stored data, lots of streaming data, partners
… so much that it’s humanly impossible to manage or make sense of … and where traditional technologies fail to help
What is security @ large scale?
When traditional security techniques fail. Too many devices to manage. Too many logs. Many ways of getting attacked. Lots of applications. Multiple programming stacks. Lots of code pushed out daily. Acquisitions. Mergers. Outsourced Service Providers. 3rd party software.
DoS – a novice as well as a sophisticated attacker’s attack
Monitor, Learn, Adapt
The mystery of DDoS
Is it the holiday traffic or a botnet? Sometimes just being a difficult or expensive target is a win… also called raising the bar
0-day attacks @ layer 7
Telnet, FTP, SMTP, DNS, HTTP, RPC, SIP, SSH
Tighten up access. Let the enemy come between the mountains.
For 90%, Internet is HTTP or World Wild Web
Amazon, Flickr, Tumblr, Gmail, Y! News, FB, Y! Finance, Twitter, Y! Weather, G Maps
And now you have the mobile first
worms: large scale client side attacks
https://superevr.com/blog/2011/xss-in-skype-for-ios/
worms: large scale server side attacks
Step 1: Attacker shuts DB
Step 2: Victim can’t do anything on the website. DB is down
Bad-man in the middle. Everywhere.
Internal is not always Internal
Advanced Persistent Threat (APT)
1 + 1 + 1 = ?
Aurora, Stuxnet
Use technology for it
Hadoop, MapReduce, Data Mining, CommonCrawler, Nutch, Splunk, NodeJS, PhantomJS…
To win some battles, you need Avengers
Restrictive ACLs, Continuous Inventory Discovery, Proactive Vulnerability Detection, Patch Management beyond at Web layer, Secure programming stack, Abuse Detection, Static Analysis, Dynamic Analysis, Red Team, Trainings, Bug Recognition / Bounty program