Kelly Shortridge - Security Chaos Engineering: Sustaining Resilience in Software and Systems

by Kelly Shortridge with Aaron Rinehart

Copyright 2023 Aaron Rinehart and Kelly Shortridge. All rights reserved.

Printed in the United States of America.

Published by OReilly Media, Inc. , 1005 Gravenstein Highway North, Sebastopol, CA 95472.

OReilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://oreilly.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com.

• Acquisitions Editor: John Devins
• Development Editor: Michele Cronin
• Production Editor: Clare Laylock
• Copyeditor: Nicole Tach
• Proofreader: Audrey Doyle
• Indexer: Sue Klefstad
• Interior Designer: David Futato
• Cover Designer: Karen Montgomery
• Illustrator: Kate Dullea
• Chapter-Opener Image Designer: Savannah Glitschka

• March 2023: First Edition

See http://oreilly.com/catalog/errata.csp?isbn=9781098113827 for release details.

The OReilly logo is a registered trademark of OReilly Media, Inc. Security Chaos Engineering, the cover image, and related trade dress are trademarks of OReilly Media, Inc.

The views expressed in this work are those of the authors and do not represent the publishers views. While the publisher and the authors have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the authors disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.

978-1-098-11382-7

[LSI]

In Lifes wave, in actions storm,

I float, up and down,

I blow, to and fro!

Birth and the tomb,

An eternal flow,

A woven changing,

A glow of Being.

Over Times quivering loom intent,

Working the Godheads living garment.

Faust

If youve worked with computers in a professional setting at any point since the dawn of the millennia, youve probably heard that security is important. By now, youve also probably realized cybersecurity is broken. Humans are entrusting us, as people working with software, with more and more of their lives and we are failing to keep that trust. Year after year, the same sorts of attacks ravage the coasts and heartlands of our ever-growing digital territories.

Meanwhile, the security industry accumulates power and money, indulging in newer, shinier technology and oft deepening their sanctimonious effrontery. Success outcomes remain amorphous; and in the background slinks an existential dread that security cant keep up with software. Fingers point and other fingers point back. Our security programs coagulate into performative ritualsa modern humoralism based in folk wisdom and tradition rather than empiricism. Software engineering teams simmer in resentment, yearning for answers on how to keep their systems safe without requiring ritual sacrifices. We know we can do better, but we struggle to chart a course when immersed in the murky obliqueness that is cybersecurity today.

A fundamental shift in both philosophy and practice is nigh. Cybersecurity must embrace the reality that failure will happen. Humans will click on things and sometimes it will be the wrong thing. The security implications of simple code changes wont be clear to developers. Mitigations will accidentally be disabled. Things will break (and are, in fact, breaking all the time). This shift requires us to transform toward resiliencethe ability to recover from failure and adapt as our context changes.

This book is an attack on current cybersecurity strategy and execution. To evoke author and activist Jane Jacobs, this attack is on the principles and aims that have shaped traditional cybersecurity strategy and execution, not quibbles about specific methods or design patterns.