Engineer for the future of Cloud
June 10-13, 2019
San Jose, CA

Security precognition: A look at chaos engineering in security incident response

Aaron Rinehart (Verica)
1:25pm2:05pm Wednesday, June 12, 2019
Building Secure Systems
Location: LL21 E/F
Average rating: ***..
(3.33, 3 ratings)

Level

Intermediate

Prerequisite knowledge

  • A basic understanding of security incident response, cloud security, distributed systems, and security monitoring

What you'll learn

  • Understand the hidden costs of security incidents and how to change incident response team thinking
  • Learn a new technique for uncovering system weaknesses in systems security, how to validate runbooks by the numbers using chaos engineering, and enrich incident responder knowledge through engineering principles

Description

Large scale distributed systems have unpredictable and complex outcomes that are costly when security incidents occur. Security incident response today is mostly a reactive and chaotic exercise. Chaos engineering allows security incident response teams to proactively experiment on recurring incident patterns to derive new information about underlying factors that were previously unknown.

What if you could flip that scenario on its head? Chaos engineering advances the security incident response framework by reversing the postmortem and preparation phase. This is done by developing live fire exercises that can be measured and managed. Contrary to red team game days, chaos engineering doesn’t use threat actor tactics, techniques, and procedures. Instead it develops teams through unique configuration, cyberthreat, and user error scenarios that challenge responders to react to events outside their playbooks and comfort zones.

Join Aaron Rinehart to explore the hidden costs of security incidents, learn a new technique for uncovering system weaknesses in systems security, and more. You’ll also get a glimpse of ChaoSlingr, an open source security chaos engineering tool built and deployed within a Fortune 5 company. Aaron explains how the tool helped his team discover that many of their security controls didn’t function as intended and how, as a result, they were able to proactively improve them before they caused any real problems.

Photo of Aaron Rinehart

Aaron Rinehart

Verica

Aaron Rinehart has been expanding the possibilities of chaos engineering in its application to other safety-critical portions of the domain, notably cybersecurity. He pioneered the application of security in chaos engineering during his tenure as the chief security architect at UnitedHealth Group (UHG), the largest private healthcare company in the world. While at UHG, Aaron released ChaoSlingr, one of the first open source tools focused on using chaos engineering in cybersecurity to build more resilient systems. A frequent author, consultant, and speaker, Aaron also recently founded the first chaos engineering meetup in Washington, DC.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)

Comments

Picture of Aaron Rinehart
Aaron Rinehart | CTO AND FOUNDER
06/26/2019 8:19pm PDT

the slides can be found at the link in the comment prior to this one. please reach out if you have any questions or want to chat more at aaron@verica.io or hit me up on LInkedIn or Twitter at @aaronrinehart

Picture of Aaron Rinehart
Aaron Rinehart | CTO AND FOUNDER
06/26/2019 8:17pm PDT

https://www.slideshare.net/rinehartas/velocity-2019-security-precognition-2019-slides-san-jose-2019