What happens when your security controls fail? In this lightning talk, we'll explore how to apply chaos engineering principles to cloud security. Learn how deliberately introducing controlled security failures can help identify vulnerabilities, improve incident response, and build more resilient cloud systems before real attackers find weaknesses.

This talk is ideal for cloud engineers, security professionals, and SREs who want to proactively improve their security posture through controlled experimentation. Basic knowledge of cloud infrastructure and security concepts is recommended.

Outline:

1. Security Chaos Engineering Fundamentals
1.1 From Netflix's Chaos Monkey to security testing
1.2 Building a security experiment framework
1.3 Defining blast radius and safety measures

2. Practical Experiments
2.1 IAM permission testing
2.2 Network security group failures
2.3 API gateway chaos
2.4 Authentication system stress testing

3. Measuring and Learning
3.1 Key metrics for security resilience
3.2 Learning from controlled failures
3.3 Building automated security chaos testing
3.4 Creating feedback loops