This document discusses designing secure infrastructure for high-growth products. It covers security in product design, identifying attack surfaces and common vectors. It also discusses security in infrastructure design with layers of perimeter defense, OS and server protection and information protection. Applied cybersecurity examples show how to implement web application firewalls and block malicious traffic with open source tools at minimal cost and CPU usage while maintaining high performance.
5. 5
Security In Product Design
Security and UX
Security is shared responsibility
So how can the product team help?
6. 6
Security In Product Design
Security and UX
Security can't be separated from product design.
Thus security is a built-in function, not a bolt-on.
7. 7
Security In Product Design
Security and UX
Identify the "sugar"
Identify attack surface
8. 8
Security In Product Design
Security and UX
Identify the "sugar"
What can be stolen?
digital wallet, stored CVV, user profile
What can be abused?
Voucher code, Checkout loophole
9. 9
Security In Product Design
Security and UX
What can be stolen?
Digital wallet - verification on withdrawal
Stored CVV - provide an option to remove a remembered card
User profile - hide from public, notification on change
Identify the "sugar"
10. 10
Security In Product Design
Security and UX
What can be abused?
Trivial voucher codes - make them complex, enforce rules
Checkout loophole - is the item in the cart valid for the given voucher?
Clear and easy-to-find Terms & Conditions are important
Identify the "sugar"
11. 11
Security and UX
Common Attack Vector
Login / Signup Page
Forgot Password
Uneven security implementation
Identify Attack Surface
Security In Product Design
12. 12
Security and UX
Login Page
Password Policy
Captcha
Security In Product Design
Identify Attack Surface
13. 13
Security and UX
Sign Up Page
Should we allow temporary emails or unusual country domains?
Encourage SSO login
Security In Product Design
Identify Attack Surface
14. 14
Security and UX
Forgot Password Method:
Reset Password Link
Short lifespan (max. 24h)
One-time use
Unique & random
Token has at least 64 chars
https://(domainname)/click?upn=plcsQfOjjLd9LuiKK6o3B15uVuUSrfoDqpg00N...
Security In Product Design
Identify Attack Surface
15. 15
Security and UX
Uneven Security Implementation
Web desktop/mobile login
with 2FA (two-factor authentication)
Security In Product Design
Identify Attack Surface
16. 16
Security and UX
Uneven Security Implementation
Mobile Apps login
without 2FA (two-factor authentication)
Security In Product Design
Identify Attack Surface
33. 33
Security In Infrastructure Design
Perimeter Defense
OS and Servers Protection
Host Protection
Information Protection
4 Layers of Security
(defense in-depth)
Security
34. 34
Security
Security In Infrastructure Design
Perimeter Defense
Understand your perimeter
1. Setup remote probe
2. List all public ip and scan them regularly
3. Investigate any changes
"See how public sees you"
https://github.com/nccgroup/port-scan-automation
35. 35
Security
Security In Infrastructure Design
Perimeter Defense
Understand your services
1. Limit visible open port from public
2. Beware of legacy services
3. Investigate any changes
"Understand what you serve"
42. 42
Security
Security In Infrastructure Design
OS and Servers Protection
Staging Functional Test
Performance Test
Monitor - Rollback
Canary
Production
Patch Considerations
44. 44
Security
Security In Infrastructure Design
Case Studies
Heartbleed... on BANK !
45. 45
Security
Security In Infrastructure Design
Host Protections
1. List of accounts and ACL to access prod
2. Setup immutable logging (auditd)
3. Create documentation and changelog
4. Send logs to SIEM to analyze abnormal activities
Access Control
"Be in control of who can get in and watchful of what they do"
47. 47
Security
Security In Infrastructure Design
Information Protection Layer
DDOS Protection
On cloud?
Use native DDOS protection
from your cloud vendor.
On bare metal?
Contact your ISP
Use high performance NIC
Use auto IRQ assignment
49. 49
Current Cybersecurity Landscape
Security
location / {
...
include /usr/local/.../nginx/conf/conf.d/luaphase.rules;
...
}
WAF up and running in a matter of minutes for new sites.
New attack? Integrate new rules within minutes.
61. Current Cybersecurity Landscape
Performance
How "much" is ~370 Gbps?
SOLRCache ~ 1,000,000 query per second @ 7ms latency
REDIS (TCP) ~ 100,000 GET/SET per second @ 15 ms latency
REDIS (SOCK) ~ 260,000 GET/SET per second @ 1 ms latency
Constraint is on CPU
62. Current Cybersecurity Landscape
Performance
Last but not least:
MONITOR
Machine Metrics (trends and estimates)
App Runtime Metrics (what error and how much)
ALERTING
Set up a 2-stage threshold (warning - error)
Hint: Telegram is faster and more practical than SMS