Privacy as Risk Assessment and Risk Mitigation

Learn how to design organizations that manage risk

Libin Babu

@li

Suchith Narayan

@suchith

SRIHARSHA ROUTHU

@sriharsharouthu

Responding to Log4J RCE using Honeypots, Simulation and WAF rules

Submitted Mar 8, 2022

The Log4J RCE took all of us by surprise last December. The ubiquity of the library, the impact of the exploit (full server control), and the ease of exploitation made it the perfect storm for DevOps and Security professionals.

At Razorpay, with high-throughput systems that are always online, it was quite tricky to mitigate and upgrade our systems to secure versions, all while checking for new attack patterns and testing our defenses. In this talk, we will cover the multi-pronged (short-, medium- and long-term) approach we took to manage risk from the Log4J RCE. Specifically, we will cover:

  • Attack simulation to detect vulnerable endpoints
  • Why AWS-managed WAF rules were not enough and what we needed to do to mitigate the risk
  • Using honeypot results to detect WAF bypasses
  • Updating WAF rules based on the identified bypasses
