GDS-Austin - DevSecOps & Security Chaos Engineering

•

2 gefällt mir•689 views

DevSecOps & Security Chaos Engineering - "Knowing the Unknown" - "Resilience is the story of the outage that didn’t happen". - John Allspaw Our systems are becoming more and more distributed, ephemeral, and immutable in how they function in today’s ever-evolving landscape of contemporary engineering practices. Not only are we becoming more complex but the rate of velocity in which our systems are now interacting, and evolving is making the work more challenging for us humans. In this shifted paradigm, it is becoming problematic to comprehend the operational state, health and safety of our systems. In this session Aaron will uncover what Chaos Engineering is, why we need it, and how it can be used as a tool for building more performant, safe and secure systems. We will uncover the importance of using Chaos Engineering in developing a learning culture through system experimentation. Lastly, we will walk through how to get started using Chaos Engineering as well as dive into how it can be applied to cyber security and other important engineering domains.

Ingenieurwesen

@aaronrinehart
“Resilience is the story of the outage that never happened.” - John Allspaw
@verica_io #chaosengineering

Aaron Rinehart
Contact Info
Rinehart.Aaron@gmail.com
@aaronrinehart
2

All components could be
100% correct,
and yet the system exhibits
undesirable behavior.

How do we survive
the undesirable effects
of complex systems?

So what does this have to
do with Security?

How do We Avoid
Drifting into The
Unknown?

SECURITY INCIDENTS
ARE NOT
DETECTIVE MEASURES

• ChatOps Integration
• Configuration-as-Code
• Example Code & Open
Framework
ChaoSlingr Product Features
• Serverless App in AWS
• 100% Native AWS
• Configurable Operational
Mode & Frequency
• Opt-In | Opt-Out Model

“If it ain’t broke,
try harder”
- Chaos
Philosophy
Think Differently

Weitere ähnliche Inhalte

Was ist angesagt?

Human errors and misconfiguration-based vulnerabilities have become a major cause of data breaches and other forms of security attacks in cloud-native infrastructure (CNI). The dynamic and complex nature of CNI and the underlying distributed systems further complicate these challenges. Hence, novel security mechanisms are imperative to overcome these challenges. Such mechanisms must be customer-centric, continuous, not focused on traditional security paradigms like intrusion detection. We tackle these security challenges via Risk-driven Fault Injection (RDFI), a novel application of cyber security to chaos engineering. Chaos engineering concepts (e.g. Netflix’s Chaos Monkey) have become popular since they increase confidence in distributed systems by injecting non-malicious faults (essentially addressing availability concerns) via experimentation techniques. RDFI goes further by adopting security-focused approaches by injecting security faults that trigger security failures which impact on integrity, confidentiality, and availability. Safety measures are also employed such that impacted environments can be reversed to secure states. Therefore, RDFI improves security and resilience drastically, in a continuous and efficient manner and extends the benefts of chaos engineering to cyber security. We have researched and implemented a proof-of-concept for RDFI that targets multi-cloud enterprise environments deployed on AWS and Google cloud platform.

Chaos engineering for cloud native security

Kennedy

AllDayDevOps Security Chaos Engineering 2019

Aaron Rinehart

Using security to drive chaos engineering

Dinis Cruz

The reactionary state of the industry means that we quickly identify the ‘root cause’ in terms of ‘human-error’ as an object to attribute and shift blame. Hindsight bias often confuses our personal narrative with truth, which is an objective fact that we as investigators can never fully know. The poor state of self-reflection, human factors knowledge, and the nature of resource constraints further incentivize this vicious pattern. This approach results in unnecessary and unhelpful assignment of blame, isolation of the engineers involved, and ultimately a culture of fear throughout the organization. Mistakes will always happen. Rather than failing fast and encouraging experimentation, the traditional process often discourages creativity and kills innovation. As an alternative to simply reacting to failures, the security industry has been overlooking valuable chances to further understand and nurture ‘accidents’ or ‘mistakes’ as opportunities to proactively strengthen system resilience. Expose the failures, build resilient systems, and develop an "Applied security" model to minimize the impact of failures. In this session we will cover discuss the role of ‘human-error’, root cause, and resilience engineering in our industry and how we can use new techniques such as Chaos Engineering to make a difference. Security focused Chaos Engineering proposes that the only way to understand this uncertainty is to confront it objectively by introducing controlled signals. During this session we will cover some key concepts in Safety & Resilience Engineering work based on Sydney Dekker’s 30 years of research into airline accident investigations and how new techniques such as Chaos Engineering are making a difference in improving our ability to learn from incidents proactively before they become destructive

AllDayDevOps 2020 Aaron Rinehart Security Differently

Aaron Rinehart

Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)

DJ Schleen

Chaos Engineering - The Art of Breaking Things in Production

Keet Sugathadasa

This session will cover the foundations DevSecOps and the application of Chaos Engineering for Cyber Security. We will cover how the craft has evolved by sharing some lessons learned driving digital transformation at the largest healthcare company in the world, UnitedHealth Group. During the session we will talk about DevSecOps, Rugged DevOps, Open Source, and how we pioneered the application of Chaos Engineering to Cyber Security. We will cover how DevSecOps and Security Chaos Engineering allows for teams to proactively experiment on recurring failure patterns in order to derive new information about underlying problems that were previously unknown. The use of Chaos Engineering techniques in DevSecOps pipelines, allows incident response and engineering teams to derive new information about the state of security within the system that was previously unknown. As far as we know Chaos Engineering is one of the only proactive mechanisms for detecting systemic availability and security failures before they manifest into outages, incidents, and breaches. In other words, Security focused Chaos Engineering allows teams to proactively, safely discover system weakness before they disrupt business outcomes.

VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"

Aaron Rinehart

Silver Lining for Miles: DevOps for Building Security Solutions

SeniorStoryteller

The complex ordeal of delivering secure and reliable software in Healthcare will continue to become exponentially more difficult unless we begin approaching the craft differently. Enter Chaos Engineering, but now also for security. Instead of a focus on resilience against service disruptions, the focus is to identify the truth behind our current state security and determine what “normal” operations actually look like when it's put to the test. The speed, scale, and complex operations within modern systems make them tremendously difficult for humans to mentally model their behavior. Security Chaos Engineering is an emerging practice that is helping engineers and security professionals realign the actual state of operational security and build confidence that it works the way it was intended to. Join Aaron Rinehart to learn how he implemented Security Chaos Engineering as a practice at the world’s largest healthcare company to proactively discover system weakness before they were taken advantage of by malicious adversaries. In this session Aaron will share his experience of applying Security Chaos Engineering to create highly secure, performant, and resilient distributed systems.

HealthConDX Virtual Summit 2021 - How Security Chaos Engineering is Changing ...

Aaron Rinehart

The Journey to DevSecOps

SeniorStoryteller

Navigating the Unknowable: Resilience through Security Chaos Engineering When applied to Cyber Security, Chaos Engineering is advancing our ability to reveal objective information about the effectiveness of operational security measures proactively through empirical experimentation. In this session we will introduce the core concepts behind this new technique and how you can get started in building and applying it.

RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering

Aaron Rinehart

Building Security Controls around Attack Models

SeniorStoryteller

Amy DeMartine - 7 Habits of Rugged DevOps

SeniorStoryteller

The R.O.A.D to DevOps

SeniorStoryteller

A Pragmatic Union: Security and SRE

James Wickett

Ops Happen: Improve Security Without Getting in the Way

SeniorStoryteller

Enterprise security teams are facing numerous challenges because of evolving threat vectors bypassing existing technology, deluge of alerts, and lack of skilled resources to stop advanced threats. Even if enterprises have a budget to bring in outside incident response and forensics teams to stop the bleeding, by then, damages and loss have already occurred. Security teams must change the shape of their security program to stop threats at the earliest and all stages of the attacker lifecycle. Join 451 Research Senior Analyst, Adrian Sanabria, and Director of Products at Endgame, Mike Nichols, talk about how earliest prevention and instant detection can change the shape and outcome of enterprise security program. This talk will outline strategies for: • Prioritizing the alerts and events that really matter • Identifying parts of the investigation workflow that can be automated • Building a detection methodology that creates confidence and continuously improves defenses

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

Adrian Sanabria

Chaos Engineering, When should you release the monkeys?

Thoughtworks

dotSecurity2017

Zane Lackey

DEVSECOPS: Coding DevSecOps journey

Jason Suttie

Was ist angesagt? (20)

Chaos engineering for cloud native security

AllDayDevOps Security Chaos Engineering 2019

Using security to drive chaos engineering

AllDayDevOps 2020 Aaron Rinehart Security Differently

Blameless Retrospectives in DevSecOps (at Global Healthcare Giants)

Chaos Engineering - The Art of Breaking Things in Production

VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"

Silver Lining for Miles: DevOps for Building Security Solutions

HealthConDX Virtual Summit 2021 - How Security Chaos Engineering is Changing ...

The Journey to DevSecOps

RSAC 365 2021 Virtual Summit Spotlite Presentation on Security Chaos Engineering

Building Security Controls around Attack Models

Amy DeMartine - 7 Habits of Rugged DevOps

The R.O.A.D to DevOps

A Pragmatic Union: Security and SRE

Ops Happen: Improve Security Without Getting in the Way

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

Chaos Engineering, When should you release the monkeys?

dotSecurity2017

DEVSECOPS: Coding DevSecOps journey

Ähnlich wie GDS-Austin - DevSecOps & Security Chaos Engineering

Large scale distributed systems have unpredictable and complex outcomes that are costly when security incidents occur. Security incident response today is mostly a reactive and chaotic exercise. Chaos engineering allows security incident response teams to proactively experiment on recurring incident patterns to derive new information about underlying factors that were previously unknown. What if you could flip that scenario on its head? Chaos engineering advances the security incident response framework by reversing the postmortem and preparation phase. This is done by developing live fire exercises that can be measured and managed. Contrary to red team game days, chaos engineering doesn’t use threat actor tactics, techniques, and procedures. Instead it develops teams through unique configuration, cyberthreat, and user error scenarios that challenge responders to react to events outside their playbooks and comfort zones. Join Aaron Rinehart to explore the hidden costs of security incidents, learn a new technique for uncovering system weaknesses in systems security, and more. You’ll also get a glimpse of ChaoSlingr, an open source security chaos engineering tool built and deployed within a Fortune 5 company. Aaron explains how the tool helped his team discover that many of their security controls didn’t function as intended and how, as a result, they were able to proactively improve them before they caused any real problems.

Velocity 2019 - Security Precognition 2019 Slides - San Jose 2019

Aaron Rinehart

In this session we will cover the ‘table stakes’ or the minimum foundational components in what it means to deliver high quality secure software in today’s software driven world. From gaining visibility into the software supply chain to building empathy with engineering teams through DevSecOps practices we will dive through what it takes to play the bare minimum hand and how that contributes to improving value-velocity and faster adoption of more advanced techniques such as Chaos Engineering.

Nexus User Conference DevOps "Table Stakes": The minimum required to play the...

Aaron Rinehart

Some security experts would tell you that security testing is very different from functional or non-functional software testing. They are wrong. Having worked on both sides, Paco gives 3 specific recommendations for how testers can make significant contributions to the security of their software and applications by making small changes to the way they do their software testing. The first technique has to do with selecting points in the user journey that are ripe for security testing. The second is to leverage some common free tools that enable security tests. The final technique is adjusting old school boundary value testing and equivalence class partitioning to incorporate security tests. The result is a lot of security testing done and issues fixed long before any security specialists arrive. Key Takeaways: -Great places in the user journey to inject security tests - Ways to augment existing test approaches to cover security concerns - Typical security tools that are free, cheap, and easy for software testers

Zen and the art of Security Testing

TEST Huddle

How to be Wrong (or How to be Successful at Being Wrong)

Russell Miles

CAST 2014 New York: The Art and Science of Testing The Association for Software Testing www.associationforsoftwaretesting.org COURSE DESCRIPTION Automated tools provide test professionals with the capability to make relevant observations even in the fastest-paced environments. Automated testing is also a powerful tool for improving communication between software engineers. This is important because good communication is a prerequisite for growing a great software engineering organization. This workshop will explore the continuous testing of software systems. Special focus will be given to the situation where the engineering team is deploying code to production so frequently that it is not possible to perform deep regression testing before each release. People who participate in this course will learn pragmatic automated testing strategies like: * Data analysis on the command line with find, grep and wc. * Network analysis with Chrome Inspector, Charles and netcat. * Using code churn to predict hotspots where bugs may occur. * Putting stack traces in context with automated SCM blame emails. * Using statsd to instrument a whole application. * Testing in production. * Monitoring-as-testing. Technical level: participants should have some familiarity with the command line and with editing code using a text editor or IDE. Familiarity with Git, SVN or another version control system is helpful but not required. Likewise some knowledge of Web servers is helpful but not required. It is desirable for participants to bring laptops. BIO From 2010 to 2012 Noah was a Test Architect at Etsy. He helped build Etsy's continuous integration system, and has helped countless other engineers develop successful automated testing strategies.These days Noah is an independent consultant in New York. He is passionate about helping engineers understand and use automated tools as they work to scale their applications more effectively.

Continuous Automated Testing - Cast conference workshop august 2014

Noah Sussman

Normal accidents and outpatient surgeries

Jonathan Creasy

Automatic Assessment of Failure Recovery in Erlang Applications

Jan Henry Nystrom

Secrets and Mysteries of Automated Execution Keynote slides

Alan Richardson

Move Fast and Fix Things

Dan Kaminsky

Human is an amateur; the monkey is an expert. How to stop trying to secure yo...

Vlad Styran

In Green Custard's 19th Friday talk, Zoltan explores the subject of Chaos Engineering Topics covered: - What is chaos engineering? - Why would anyone do this? - Availability - Chaos engineering in practice - The four golden signals - Chaos engineering in practice - Chaos Monkey - The Simian Army Green Custard is a custom software development consultancy. To discover more about their work and the team visit www.green-custard.com.

Green Custard Friday Talk 19: Chaos Engineering

Green Custard

CHAOS ENGINEERING – OR LET'S SHAKE THE TREE

Jimmy Dahlqvist

Exploratory Testing in an Agile Context

Elisabeth Hendrickson

Monkey Testing: A Unique Style Testing Which Boosts The Power Of Manual Testing

BugRaptors

Artificial intelligence and intelligent system are no longer a utopian vision of the future: they are our new reality. In a world which seems every day more dominated by algorithmic intelligence, what is the role of human expertise in a world dominated by intelligent machines? In this presentation, we will try to answer this question by bridging the gap between the research on complex systems and tools for creativity, discussing what we believe to be the key design principles and perspective on how to deploy machine learning and AI models into products used by experts and creatives.

The Dark side of AI: Psychology of automation for data scientists - Alex Pall...

Institute of Contemporary Sciences

Elastix network security guide

Cristian Calderon

The limits of unit testing by Craig Stuntz

QA or the Highway

The Limits of Unit Testing by Craig Stuntz

QA or the Highway

Chaos engineering

Alberto Acerbis

The speed and scale of complex system operations within cloud-driven architectures make them extremely difficult for humans to mentally model their behavior. This often results in unpredictable and catastrophic outcomes that become costly when unexpected security incidents occur. There is a need to realign the actual state of operational security measures in order to maintain an acceptable level of confidence that our security actually works when we need it to. As an alternative to simply reacting to failures, the security industry has been overlooking valuable chances to further understand and nurture ‘accidents’ or ‘mistakes’ as opportunities to proactively strengthen system resilience. Chaos Engineering allows us to proactively expose the failures, build resilient systems, and develop an "Applied Security" model to minimize the impact of failures. Chaos Engineering allows for security teams to proactively experiment and derive new information about underlying factors that were previously unknown. This is done by developing live fire exercises that can be measured, managed, and automated. Contrary to Red/Purple Team exercises, chaos engineering does not use threat actor or adversarial tactics, techniques and procedures. As far as we know it Chaos Engineering is the only proactive mechanism for detecting availability and security incidents before they happen. We proactively introduce turbulent conditions, faults, and failures into our systems to determine the conditions by which our security will fail before it actually does. In this session we will introduce a new concept known as Security Chaos Engineering and how it can be applied to create highly secure, performant, and resilient distributed systems.

ADDO - Navigating the DevSecOps App-ocalypse 2020

Aaron Rinehart

Ähnlich wie GDS-Austin - DevSecOps & Security Chaos Engineering (20)

Velocity 2019 - Security Precognition 2019 Slides - San Jose 2019

Nexus User Conference DevOps "Table Stakes": The minimum required to play the...

Zen and the art of Security Testing

How to be Wrong (or How to be Successful at Being Wrong)

Continuous Automated Testing - Cast conference workshop august 2014

Normal accidents and outpatient surgeries

Automatic Assessment of Failure Recovery in Erlang Applications

Secrets and Mysteries of Automated Execution Keynote slides

Move Fast and Fix Things

Human is an amateur; the monkey is an expert. How to stop trying to secure yo...

Green Custard Friday Talk 19: Chaos Engineering

CHAOS ENGINEERING – OR LET'S SHAKE THE TREE

Exploratory Testing in an Agile Context

Monkey Testing: A Unique Style Testing Which Boosts The Power Of Manual Testing

The Dark side of AI: Psychology of automation for data scientists - Alex Pall...

Elastix network security guide

The limits of unit testing by Craig Stuntz

The Limits of Unit Testing by Craig Stuntz

Chaos engineering

ADDO - Navigating the DevSecOps App-ocalypse 2020

Kürzlich hochgeladen

Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRLS IN bhubaneswar ESCORT SERVICE❤CALL GIRL No Advance Pay 💋💋 Book Now +91-9777949614 Discover Bhubaneswar Finest Call GirlsY ou're heading to Bhubaneswar for business or pleasure and want to experience the city to the fullest. What better way than in the company of a beautiful, intelligent companion to show you around town? Look no further than Bhubaneswar's finest Call Girls. These lovely ladies know all the hot spots and hidden gems that only locals are privy to. From the top restaurants and bars to the most stunning sights, they'll ensure you make unforgettable memories.

Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...

Call Girls Mumbai

Employee leave management system project.

Kamal Acharya

+97470301568 Qatar THC Oil and weed in Qatar? Where can I get THC vape in Doha Qatar?WhatsApp +97470301568 Buy Weed, Cocaine, Heroin and Shrooms in France,Germany, Poland Serbia,Romania, Ukraine WhatsApp +97470301568 Buy Weed, Cocaine, Heroin and Shrooms in Dubai UAE Malaysia Oman Kuwait Bahrain Saudi Arabia Qatar Where can I get weed in Qatar? Where can I get THC vape in Doha Qatar?WhatsApp +97470301568 Buy Weed, Cocaine, Heroin and Shrooms in France,Germany, Poland Serbia,Romania, UkraineWhatsApp +97470301568 Buy Weed, Cocaine, Heroin and Shrooms in Dubai UAE Malaysia Oman Kuwait Bahrain Saudi Arabia Qatar WhatsApp+97470301568 WhatsApp +97470301568 Buy Weed, Cocaine, Heroin and Shrooms in Qatar Dubai UAE Malaysia Oman Kuwait Bahrain Saudi Arabia #Singapore #Jordan #Ireland, #Belgium, #United Kingdom, #Iceland, #*Portugal, Spain, China, Japan, Turkey, Canada United States, Morocco, France,Germany, Poland Serbia,Romania, Ukraine, and all countries United Arab Emirates . Our team has succesfully delivered in 26 different countries . All marijuana and Cocaine is double vacuum packed before shipping, making it completely odorless to ensure that it arrives safely to your door. Our distribution crew is expert at making packages that blend in with the rest of the mail. We have also put into place many other security measures to ensure the security of our customers. buy weed Dubai +97470301568buy Weed Qatar #Buy Weed Kuwait #Buy Weed Bahrain #Buy #Weed #Oman #Buy Weed UAE #Buy Weed Abu Dhabi @Buy Weed Doha Qatar #@Buy Weed Ajman #@Buy Weed Online #@Buy Weed UK #@Buy Weed Iceland #*@Buy Weed All Countries Below are the various strains of kush available ; buy hash and Weed in dubai,abu dhabi,sharjah where to buy weed in doha,where can i find weed in jeddah,Can I get weed delivered to Riyadh?,Buy weed Online Jeddah Saudi Arabia,Buy Weed and THC Cannabis Oil online ,QATAR , DOHA buy kush in DOHA , buy kush in DOHAWeed in QATAR # DOHA Buy Weed and THC Cannabis Oil online who delivers at your own location in Qatar Doha ,Kuwait ,Dubai including cannabis / weed,Where can I find weed in Dubai as a tourist?,Is marijuana allowed in Dubai ? How much is medical marijuana in Dubai ?Is weed legal in Dubai ?How to get marijuana in Saudi Arabia Do people in Saudi Arabia smoke weed ? Is Hash legal in Saudi Arabia ? Where is marijuana the most illegal?Can you get weed in Baku? Dubai, United Arab Emirates Canabis smokers - Dubai, Buy Marijuana Products Online in UAE Desertcart ships the Marijuana products in Dubai ,Abu Dhabi, Sharjah, Al Ain, Ajman and more cities in UAE. Get unlimited free shipping in 164+ countries Buy Weed Products Online in Saudi Arabia Order thc Weed in Saudi Arabia Order thc Weed in Saudi Arabia Order thc Weed in Saudi Arabia Order thc Weed in Saudi Arabia Buy Marijuana Saudi Arabia weed in jeddahis cbd legal in saudi arabia cali tins smoke in saudi arabia drug use saudi arabia Buy weed marijuana. White Widow OG #Kush Sensi Star x ak 47 Afghan

+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...

Health

Introduction to Serverless with AWS Lambda

Omar Fathy

Unleashing the Power of the SORA AI lastest leap

RishantSharmaFr

Air Compressor reciprocating single stage

Abc194748

Bridge Jacking Design Sample Calculation.pptx

nuruddin69

HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR

KOUSTAV SARKAR

Minimum and Maximum Modes of microprocessor 8086

anil_gaur

Rule 1 − Check for the blocks connected in series and simplify. Rule 2 − Check for the blocks connected in parallel and simplify. Rule 3 − Check for the blocks connected in feedback loop and simplify. Rule 4 − If there is difficulty with take-off point while simplifying, shift it towards right. Rule 5 − If there is difficulty with summing point while simplifying, shift it towards left. Rule 6 − Repeat the above steps till you get the simplified form, i.e., single block.

Block diagram reduction techniques in control systems.ppt

NANDHAKUMARA10

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

ssuser89054b

GAS POWER CYCLES Cycles: Otto, Diesel, Dual, Brayton - Calculation of mean effective pressure - Air standard efficiency - Comparison of cycles INTERNAL COMBUSTION ENGINES Classification - Components and their function - valve timing diagram and port timing diagram - actual and theoretical p-v diagram of two stroke and four stroke engines – carburettor - diesel pump and injector system - battery and magneto ignition system - principles of combustion and detonation in CI engines - lubrication and cooling systems - performance parameters and calculations.

Thermal Engineering Unit - I & II . ppt

DineshKumar4165

scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...

HenryBriggs2

data_management_and _data_science_cheat_sheet.pdf

JiananWang21

“HOSTEL MANAGEMENT SYSTEM” is a software developed for managing various activities in the hostel. For the past few years the number of educational institutions are increasing rapidly. Thereby the number of hostels are also increasing for the accommodation of the students studying in this institution. And hence there is a lot of strain on the person who are running the hostel and software’s are not usually used in this context. This particular project deals with the problems on managing a hostel and avoids the problems which occur when carried manually.

Hostel management system project report..pdf

Kamal Acharya

Generative AI or GenAI technology based PPT

bhaskargani46

HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx

SCMS School of Architecture

Thermal Engineering-R & A / C - unit - V

DineshKumar4165

Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil

Cara Menggugurkan Kandungan 087776558899

S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx

SCMS School of Architecture

Kürzlich hochgeladen (20)

Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...

Employee leave management system project.

+97470301568>> buy weed in qatar,buy thc oil qatar,buy weed and vape oil in d...

Introduction to Serverless with AWS Lambda

Unleashing the Power of the SORA AI lastest leap

Air Compressor reciprocating single stage

Bridge Jacking Design Sample Calculation.pptx

HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR

Minimum and Maximum Modes of microprocessor 8086

Block diagram reduction techniques in control systems.ppt

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Thermal Engineering Unit - I & II . ppt

scipt v1.pptxcxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...

data_management_and _data_science_cheat_sheet.pdf

Hostel management system project report..pdf

Generative AI or GenAI technology based PPT

HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx

Thermal Engineering-R & A / C - unit - V

Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil

S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx

GDS-Austin - DevSecOps & Security Chaos Engineering

1. @aaronrinehart “Resilience is the story of the outage that never happened.” - John Allspaw @verica_io #chaosengineering

2. Aaron Rinehart Contact Info Rinehart.Aaron@gmail.com @aaronrinehart 2

3. IN This Session We will Cover

7. All components could be 100% correct, and yet the system exhibits undesirable behavior.

10. How do we survive the undesirable effects of complex systems?

11. Simplicity

12. ACCIDENTAL

13. ESSENTIAL

14.

15.

16. So what does this have to do with Security?

17.

18.

19.

20.

21. How do We Avoid Drifting into The Unknown?

22.

23.

24.

25.

26. SECURITY INCIDENTS ARE NOT DETECTIVE MEASURES

27.

28.

29.

30.

31. Netflix Chaos ToolsChaos Monkey

32.

33.

34.

35.

36. Who is doing Chaos?

37. Don’t just test ….Experiment

38. Testing vs. Experimentation

39.

40. What could go wrong?

41. How does My Security Really Work?

42. Am I Sure it Works that way?

43. How would I know?

44. How it Works

45. 46 An Open Source Tool

46. • ChatOps Integration • Configuration-as-Code • Example Code & Open Framework ChaoSlingr Product Features • Serverless App in AWS • 100% Native AWS • Configurable Operational Mode & Frequency • Opt-In | Opt-Out Model

47.

48. “If it ain’t broke, try harder” - Chaos Philosophy Think Differently

GDS-Austin - DevSecOps & Security Chaos Engineering

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie GDS-Austin - DevSecOps & Security Chaos Engineering

Ähnlich wie GDS-Austin - DevSecOps & Security Chaos Engineering (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

GDS-Austin - DevSecOps & Security Chaos Engineering