Security Chaos Engineering • Kelly Shortridge, Aaron Rinehart & Mark Miller

Discover the proactive approach to security chaos engineering, injecting faults into systems to understand their behavior under stress, and applying the scientific method to improve resilience and reduce risk.

Key takeaways
  • Security chaos engineering is a proactive approach to understanding and improving the resilience of complex systems, rather than just reacting to failures.
  • Legacy systems are often critical to business operations and are a challenge to maintain and improve.
  • Microservices and continuous delivery have increased the complexity of systems, making chaos engineering more important.
  • The purpose of security chaos engineering is to experimentally inject faults into systems to understand how they behave under stress, rather than relying on hope and luck.
  • The goal is to measure and improve the system’s behavior, rather than just attempting to prevent failure.
  • The scientific method is applied to security chaos engineering, with experimentation and data analysis informing decisions.
  • The concept of a “mental model” is important: it is a representation of how a system is expected to behave, which may not always align with reality.
  • Humans are a critical part of the system and should be considered in the design of chaos engineering experiments.
  • Legacy systems often lack instrumentation and observability, making it difficult to understand how they behave.
  • It is important to balance the complexity of systems with instrumentation and feedback loops to improve resilience.
  • The book aims to provide a practical guide to security chaos engineering, with examples and case studies.
  • The full book will go into more depth and breadth than the first 90 pages, including extended examples and case studies.