Cloud Security Podcast by Google
Guest:
Kelly Shortridge, Senior Principal Engineer in the Office of the CTO at Fastly
Topics:
So what is Security Chaos Engineering?
“Chapter 5. Operating and Observing” is Anton’s favorite. One thing that mystifies me, however, is that you outline how to fail with alerts (send too many), but it is not entirely clear how to practically succeed with them? How does chaos engineering help security alerting / detection?
How chaos engineering (or is it really about software resilience?) intersects with Cloud security - is this peanut butter and chocolate or more like peanut butter and pickles?
How can organizations get started with chaos engineering for software resilience and security?
What is your favorite chaos engineering experiment that you have ever done?
We often talk about using the SRE lessons for security, and yet many organizations do security the 1990s way. Are there ways to use chaos engineering as a forcing function to break people out of their 1990s thinking and time warp them to 2023?
Resources:
“Deploy Security Capabilities at Scale: SRE Explains How” (ep85)
“The Good, the Bad, and the Epic of Threat Detection at Scale with Panther” (ep123)
“Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?” (ep117)