Incident Command: The far side of the edge
Please give us a detailed overview of your session and why attendees will be excited to hear about it.
Overview
When a new security vulnerability is identified, or during a large scale Distributed Denial of Service attack, accurate and fast coordination is critical. While runbooks exist for many of the technical challenges, executing them in concert, and filling the gaps between them requires creativity and quick thinking, but also discipline, a strong ability to read situations and a willingness to make tough decisions.
As a Content Delivery Network, Fastly operates a large internetwork and a global environment which is exposed to many security issues. In 2014, recognizing the impact security events can have, Fastly developed its Incident Command protocol, which it uses to deal with large scale events. In this presentation, you’ll learn from Lisa and Tom, two experienced incident commanders, and Maarten, of the Fastly security team, how Incident Command was conceived, and the protocols that were developed within Fastly to make it work.
The three of them will share a number of war stories that illustrate how Incident Command contributed to protecting Fastly as a company, its customers, and the many end users relying on the service. Examples will include a major software vulnerability that affected a Linux component in common use across Fastly, as well as a large Distributed Denial of Service attack.
We’ll cover in detail the typical struggles a company at our size (~250 employees) runs into when building around-the-clock incident operations, and the things we’ve put in place to make dealing with security incidents easier and more effective.
Ensure that you let us know:
- What level of knowledge should attendees have before walking into your session
- The session is designed for general interest / an audience with little to no background on the topic.
- What will your session accomplish and what will attendees walk away having learned
- The talk will give the audience understanding of availability and security incidents that large global networks face and the protocols that can help.