EP132 Chaos Engineering for Security: How to Improve Software Resilience with Kelly Shortridge

Topics covered:

• So what is Security Chaos Engineering?
• “Chapter 5. Operating and Observing” is Anton’s favorite. One thing that mystifies me, however, is that you outline how to fail with alerts (send too many), but it is not entirely clear how to practically succeed with them? How does chaos engineering help security alerting / detection?
• How chaos engineering (or is it really about software resilience?)  intersects with Cloud security--is this peanut butter and chocolate or more like peanut butter and pickles?
• How can organizations get started with chaos engineering for software resilience and security?
• What is your favorite chaos engineering experiment that you have ever done?
• We often talk about using the SRE lessons for security, and yet many organizations do security the 1990s way. Are there ways to use chaos engineering as a forcing function to break people out of their 1990s thinking and time warp them to 2023