The Lord of the Rings and Information Security in Your Open Source Project

@amye -- amye@redhat.com

Where’d this all come from?

Lighting the Beacons

Community Gardens as a reason to care about this

The forging of the ring

Gollum

Frodo

Gandalf

Hobbits

Strider

Discovery: Stay Calm

Communication: We should do that!

Communicate with:

Your team around you

Your management structure

Information Security

Legal

Public Relations

Day to Day Coordination

Keeping a running document of what’s going on where, roles and responsibilities

Secure unlisted IRC channel for key parties

Daily calls to confirm current status and next steps

Week to Week Coordination

What does done look like here?

What does success look like here?

Actual Remediation

Coordinate with all the people who might need to be involved

Make a checklist

Follow that checklist

The Council of Elrond

What happens after discovery: who needs to be involved

The Mines of Moria

https://www.flickr.com/photos/59263516@N08/15382035629

A note on legal

Galadriel

Boromir

Good grief, Boromir.

The Eye of Sauron

http://geekologie.com/

What success looks like in the Shire

Congratulations! You’ve survived the shadow of the angel of infosec on your doorstep.

Real Advice

I wish you way more than luck.
