Fast, Ever-Evolving Defenders: The Resilience Revolution

Embracing failure as a catalyst for innovation, this talk explores the resilience revolution in defense, highlighting strategies to outmaneuver attackers and transform incident response.

Key takeaways
  • Embracing failure as inevitable and designing for resilience is crucial for fast and ever-evolving defenders.
  • Attackers think in systems, while defenders think in components; adopting a systems mindset can help outmaneuver attackers.
  • CI/CD enables faster incident response and automated reprovisioning, and minimizes manual effort.
  • Modularity minimizes incident impact, keeps things separate, and makes it faster to patch and keep dependencies up to date.
  • Design-based solutions, such as paved roads, can eliminate hazards by design and create reliable and predictable services.
  • Infrastructure as Code (IaC) helps correct misconfigurations, automate reprovisioning, and reduce manual effort.
  • Chaos experimentation seeks to understand how disruptions impact the entire system’s behavior.
  • Resilient stress testing builds upon decision trees and helps identify the confluence of conditions where system failure is possible.
  • Attackers have a faster operational tempo, can measure their effectiveness, and can design, develop, and operate mechanisms to outmaneuver defenders.
  • Defenders can outmaneuver attackers by becoming nimble, curious, and empirical, and by adopting a similar approach to attackers.
  • Designing for modularity, standardization, and isolation can help create a buffer against failures and enable faster recovery.
  • Paved roads, such as WALI, can establish a pattern of adding security requirements and eliminate hazards by design.
  • Automated systems, such as CI/CD, can help reduce manual effort and minimize the risk of human error.
  • Design-based defense can transform the way defenders approach security, enabling faster and more effective incident response.