Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

GDS-Austin - DevSecOps & Security Chaos Engineering

290 views

Published on

DevSecOps & Security Chaos Engineering - "Knowing the Unknown" -
"Resilience is the story of the outage that didn’t happen". - John Allspaw
Our systems are becoming more and more distributed, ephemeral, and immutable in how they function in today’s ever-evolving landscape of contemporary engineering practices. Not only are we becoming more complex but the rate of velocity in which our systems are now interacting, and evolving is making the work more challenging for us humans. In this shifted paradigm, it is becoming problematic to comprehend the operational state, health and safety of our systems.
In this session Aaron will uncover what Chaos Engineering is, why we need it, and how it can be used as a tool for building more performant, safe and secure systems. We will uncover the importance of using Chaos Engineering in developing a learning culture through system experimentation. Lastly, we will walk through how to get started using Chaos Engineering as well as dive into how it can be applied to cyber security and other important engineering domains.

Published in: Engineering
  • Be the first to comment

GDS-Austin - DevSecOps & Security Chaos Engineering

  1. 1. @aaronrinehart “Resilience is the story of the outage that never happened.” - John Allspaw @verica_io #chaosengineering
  2. 2. Aaron Rinehart Contact Info Rinehart.Aaron@gmail.com @aaronrinehart 2
  3. 3. IN This Session We will Cover
  4. 4. All components could be 100% correct, and yet the system exhibits undesirable behavior.
  5. 5. How do we survive the undesirable effects of complex systems?
  6. 6. Simplicity
  7. 7. ACCIDENTAL
  8. 8. ESSENTIAL
  9. 9. So what does this have to do with Security?
  10. 10. How do We Avoid Drifting into The Unknown?
  11. 11. SECURITY INCIDENTS ARE NOT DETECTIVE MEASURES
  12. 12. Netflix Chaos ToolsChaos Monkey
  13. 13. Who is doing Chaos?
  14. 14. Don’t just test ….Experiment
  15. 15. Testing vs. Experimentation
  16. 16. What could go wrong?
  17. 17. How does My Security Really Work?
  18. 18. Am I Sure it Works that way?
  19. 19. How would I know?
  20. 20. How it Works
  21. 21. 46 An Open Source Tool
  22. 22. • ChatOps Integration • Configuration-as-Code • Example Code & Open Framework ChaoSlingr Product Features • Serverless App in AWS • 100% Native AWS • Configurable Operational Mode & Frequency • Opt-In | Opt-Out Model
  23. 23. “If it ain’t broke, try harder” - Chaos Philosophy Think Differently

×