Applying DevOps Principles to Address Dynamic Changes in Cyber Security
Hasan Yasar & Aaron Volkmann
Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA 15213
Fighting Dynamic Cyber Threats with DevOps, February 29, 2016
© 2016 Carnegie Mellon University
Approved for Public Release; Distribution is Unlimited
Copyright 2016 Carnegie Mellon University
This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center.
Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense.
NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
[Distribution Statement A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution.
This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at [email protected].
CERT® is a registered mark of Carnegie Mellon University.
DM-0003342
Dynamic Cyber Threats
100,000 new malicious IP addresses per day in 2015
97% of malware is unique to a specific endpoint
In 2016, over 50% of users will encounter a 0-day phishing site *
* http://webroot-cms-cdn.s3.amazonaws.com/7814/5617/2382/Webroot-2016-Threat-Brief.pdf
[Diagram build sequence. Labels, in order of first appearance: Network; Host; Malicious Binary; Database; Host? (up to three at once). The last builds read Host, Host, Host?, Host.]
How long do you think that will take?
Would your organization be able to do this rapidly without disrupting the business mission?
How can we coordinate this kind of movement across geographically dispersed locations?
When your network architecture is known by the bad guys, how can we deploy new network touch points rapidly?
Agile Operations: Escape harm by dynamically reshaping cyber systems as conditions / goals change
Dr. Richard Linderman - Deputy Director for Information Systems and Cyber Technologies in the Office of the Assistant Secretary of Defense, Research and Engineering
Enter DevOps
Shared Goals, Collaboration, Business Needs
DevOps
Development Operations
Operations Security Analysts
DevOps Values
Culture – Break down team barriers, blame-free culture focused on innovation
Automation of tasks, processes, and workflows
Measurement – Know what’s working and where to do better
Sharing tools, discoveries, and lessons
Culture
Automation
Dynamic reconfiguration
Networks
Applications
Systems
Maneuver for deceiving threats
Autonomous reconfiguration
Bridge Automation
Silos
Measurement
Sharing
DevOpsing Security
Dev & Ops Security Analysts
Apps / Network
External Factors
Threat intelligence
Security feed
Feedback & Knowledge
Monitor & Change
Monitor
Monitor
#RuggedDevOps
If you see something cool…
Thank You DevOps Connect Sponsors
Get today’s Rugged DevOps presentations in your inbox
Thanks!
Hasan Yasar, Technical Manager. Telephone: +1 412.268.9219. Email: [email protected]
Aaron Volkmann, Senior Research Engineer. Telephone: +1 412.268.8993. Email: [email protected]
SEI DevOps Blog:
http://insights.sei.cmu.edu/devops