Fighting Dynamic Cyber Threats with DevOps
February 29, 2016
© 2016 Carnegie Mellon University
Approved for Public Release; Distribution is Unlimited
Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA 15213
Applying DevOps Principles to Address Dynamic Changes in Cyber Security
Hasan Yasar & Aaron Volkmann
Copyright 2016 Carnegie Mellon University
This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center.
Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense.
NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
[Distribution Statement A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution.
This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at [email protected].
CERT® is a registered mark of Carnegie Mellon University.
DM-0003342
Dynamic Cyber Threats
100,000 new malicious IP addresses per day in 2015
97% of malware is unique to a specific endpoint
In 2016, over 50% of users will encounter a 0-day phishing site *
* http://webroot-cms-cdn.s3.amazonaws.com/7814/5617/2382/Webroot-2016-Threat-Brief.pdf
[Diagram sequence, slides 5 to 20. Labels: Network; Host; Malicious Binary; Database; Host?]
How long do you think that will take?
Would your organization be able to do this rapidly without disrupting the business mission?
How can we coordinate this kind of movement across geographically dispersed locations?
When your network architecture is known by the bad guys, how can we deploy new network touch points rapidly?
Agile Operations: Escape harm by dynamically reshaping cyber systems as conditions / goals change
Dr. Richard Linderman - Deputy Director for Information Systems and Cyber Technologies in the Office of the Assistant Secretary of Defense, Research and Engineering
Enter DevOps
Shared Goals, Collaboration, Business Needs
DevOps
Development Operations
Operations Security Analysts
DevOps Values
Culture – Break down team barriers, blame-free culture focused on innovation
Automation of tasks, processes, and workflows
Measurement – Know what’s working and where to do better
Sharing tools, discoveries, and lessons
Culture
Automation
Dynamic reconfiguration
Networks
Applications
Systems
Maneuver for deceiving threats
Autonomous reconfiguration
Bridge Automation
Silos
Measurement
Sharing
DevOpsing Security
[Diagram labels: Dev & Ops; Security Analysts; Apps / Network; External Factors; Threat intelligence; Security feed; Feedback & Knowledge; Monitor & Change; Monitor]
#RuggedDevOps
If you see something cool…
Thanks!
Hasan Yasar, Technical Manager, Telephone: +1 412.268.9219, Email: [email protected]
Aaron Volkmann, Senior Research Engineer, Telephone: +1 412.268.8993, Email: [email protected]
SEI DevOps Blog:
http://insights.sei.cmu.edu/devops