Presented by: Andi Sugandi, from Komunitas openSUSE Indonesia

Computer clusters built from Docker Swarm need proper, thoroughly technical administration: not only securing the whole system against attackers, but also investigating an attack after an incident. When an intruder succeeds in attacking web apps that run on Docker Swarm clusters, DevOps and security practitioners should work together to collect the digital evidence, examine it, and utilize it, so that it can finally be reviewed to help identify policy shortcomings, procedural errors, and other issues that may need to be remedied.

Those combined activities (acquisition, examination, utilization, and review) and the underlying science are called digital forensics; when they take place on or relate to computer networks, they are called network forensics.

GRR Rapid Response (GRR) is a comprehensive framework and network forensics tool for investigating digital evidence (for example, web app and server logs) on computer networks, or even on computer clusters built from Docker Swarm.

This talk will present the implementation of the GRR Rapid Response framework on openSUSE Server to investigate digital evidence on Docker Swarm clusters after an intruder has tried to penetrate (through DDoS attacks) web apps running on those clusters.

2019 October 6 - 13:00
45 min
Ruang 203c (2nd floor)

Happening at the same time:

  1. openSUSE MicroOS
     Start Time: 2019 October 6 13:00
     Ruang 203a (2nd floor)

  2. So You Wanna Be a Packager
     Start Time: 2019 October 6 13:00
     Ruang 201 (2nd floor)

  3. Free healthcare solutions on openSUSE
     Start Time: 2019 October 6 13:00
     Aula Suastika (4th floor)

  4. Reliable Deployments with Kubernetes and Istio
     Start Time: 2019 October 6 13:00
     Ruang 203b (2nd floor)

  5. Getting started hacking Uyuni
     Start Time: 2019 October 6 13:00
     Ruang 202 (2nd floor)