Security @ large scale

Post on 15-Jun-2015

Transcript of Security @ large scale

Security @ Large Scale

http://www.flickr.com/photos/8164746@N05/2329405200/

What is security?

… protecting your servers, code, data, network, users from the bad guys

What is large scale?

Big infra (apps, servers, routers, firewalls), lots of stored data, lots of streaming data, partners

… so much that it’s humanly impossible to manage or make sense of … and where traditional technologies fail to be of help

What is security @ large scale?

When traditional security techniques fail. Too many devices to manage. Too many logs. Many ways of getting attacked. Lots of applications. Multiple programming stacks. Lots of code pushed out daily. Acquisitions. Mergers. Outsourced Service Providers. 3rd party software.

DoS – a novice as well as a sophisticated attacker’s attack

Monitor, Learn, Adapt

The mystery of DDoS

Is it the holiday traffic or a botnet? Sometimes just being a difficult or expensive target is a win… also called raising the bar

0-day attacks @ layer 7

Telnet, FTP, SMTP, DNS, HTTP, RPC, SIP, SSH

Tighten up access. Let the enemy come between the mountains.

For 90%, Internet is HTTP or World Wild Web

Amazon, Flickr, Tumblr, Gmail, Y! News, FB, Y! Finance, Twitter, Y! Weather, G Maps

And now you have the mobile first

worms: large scale client side attacks

https://superevr.com/blog/2011/xss-in-skype-for-ios/

worms: large scale server side attacks

Step 1: Attacker shuts DB

Step 2: Victim can’t do anything on the website. DB is down

Bad-man in the middle. Everywhere.

Internal is not always Internal

Advanced Persistent Threat (APT)

1 + 1 + 1 = ?

Aurora, Stuxnet

Use technology for it

Hadoop, MapReduce, Data Mining, CommonCrawler, Nutch, Splunk, NodeJS, PhantomJS…

To win some battles, you need Avengers

Restrictive ACLs, Continuous Inventory Discovery, Proactive Vulnerability Detection, Patch Management beyond at Web layer, Secure programming stack, Abuse Detection, Static Analysis, Dynamic Analysis, Red Team, Trainings, Bug Recognition / Bounty program