Session

Security Chaos Engineering for Fun & Profit

The dynamic nature of cloud-native infrastructure requires continuous security mechanisms to effectively tackle security threats. However, cloud native infrastructure is complex and still emerging hence the security threats are barely understood resulting in successful attacks due to unknown attack patterns and behavior. In this talk, the innovative notion of Security Chaos Engineering (SCE) is introduced as a viable approach for enabling proactive cloud native security mechanisms for cloud native infrastructure. Essentially, SCE applies chaos engineering principles to cyber security such that defended environments are not just secure but also resilient to cyber-attacks. A major benefit is the derivation and use of instant empirical feedback loops that aid in verifying security mechanisms (e.g. tools) and expected properties (confidentiality, integrity and availability). Through the injection of controlled security faults (crafted as security hypotheses), deployed security mechanisms are properly analyzed, security blind spots are identified and remediated, thereby resulting in increased security and resiliency

Kennedy Torkura

Co-Founder/CTO, Mitigant

Berlin, Germany

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top