Imagine waking up to find your site and service hacked. Everyone is running around, trying to find out what went wrong; you’re tasked with repairing the damage. But unfortunately, that automation project you’ve been promising yourself you’d get done has always taken a backburner to more pressing matters and features. With everyone breathing down your neck, wonder where to start. We talk with a panel of engineers who found themselves in exactly this nightmare scenario and follow them as they:
Join J. Paul Reed, aka @SoberBuildEng, Youssuf El-Kalay, aka @buildscientist, and Sascha Bates, aka @sascha_d, plus the last couple of weeks in News & Views and a new Tool Tip!
Or, download Episode 17, or any of our previous shows!
Show Links/Notes
- 1:13 – News & Views
- 1:18 – PayPal switches (part of?) its infrastructure to OpenStack
- 4:45 – Ruby 1.8.x end-of-lifed
- 6:03 – Massachusettes to “tax the cloud“?
- 7:29 – All your SimCities are Belong to Us!
- 8:17 – Footage of the SimCity carnage
- 10:01 – Main Segment: Automate Your Infrastructure in 48 Hours or Your Pizza Is Free
- 10:35 – Panel: Luke Chadwick, Sam Kottler, and Josh Timberman
- 10:50 – Ruby YAML exploit
- 28:21 – rubygems.org Chef Github repository
- 31:59 – Micro Army
- 38:40 – Incident Response Google Doc
- 50:15 – Tool Tip
Tool Tip
Paul takes a look at NagiosTV, Chris Carey’s tool for displaying Nagios alerts on your metrics/status flatscreens in the office!
Join Us!
What are you own experiences with security incident responses and automation? Where’s the line of infrastructure improvement vs. response? And are there ways to avoid this issue altogether?
Join the discussion!
- On Twitter, at @ShipShowPodcast
- Or via email us at crew@theshipshow.com