
Kelly Shortridge - Security Chaos Engineering: Sustaining Resilience in Software and Systems


Kelly Shortridge Security Chaos Engineering: Sustaining Resilience in Software and Systems
  • Book: Security Chaos Engineering: Sustaining Resilience in Software and Systems
  • Author: Kelly Shortridge
  • Publisher: O'Reilly Media
  • Year: 2023

Security Chaos Engineering: Sustaining Resilience in Software and Systems: summary, description and annotation


Cybersecurity is broken. Year after year, attackers remain unchallenged and undeterred, while engineering teams feel pressure to design, build, and operate secure systems. Failure can't be prevented, mental models of systems are incomplete, and our digital world constantly evolves. How can we verify that our systems behave the way we expect? What can we do to improve our systems' resilience?

In this comprehensive guide, authors Kelly Shortridge and Aaron Rinehart help you navigate the challenges of sustaining resilience in complex software systems by using the principles and practices of security chaos engineering. By preparing for adverse events, you can ensure they don't disrupt your ability to innovate, move quickly, and achieve your engineering and business goals.

  • Learn how to design a modern security program
  • Make informed decisions at each phase of software delivery to nurture resilience and adaptive capacity
  • Understand the complex systems dynamics upon which resilience outcomes depend
  • Navigate technical and organizational trade-offs that distort decision making in systems
  • Explore chaos experimentation to verify critical assumptions about software quality and security
  • Learn how major enterprises leverage security chaos engineering

Praise for Security Chaos Engineering

Security Chaos Engineering is a must read for technology leaders and engineers today, as we operate increasingly complex systems. Security Chaos Engineering presents clear evidence that systems resilience is a shared goal of both ops and security teams, and showcases tools and frameworks to measure, design, and instrument systems to improve the resilience and security of our systems.

10/10 strong recommend (kidding but also not).

Dr. Nicole Forsgren, lead author of Accelerate and partner at Microsoft Research

Shortridge weaves multiple under-served concepts into the book's guidance, like recognizing human biases, the power of rehearsals, org design, complex systems, systems thinking, habits, design thinking, thinking like a product manager and a financial planner, and much more.

This book brings the reader in on a well-kept secret: security is more about people and processes than about technology. It is our mental models of those elements that drive our efforts and outcomes.

Bob Lord, former Chief Security Officer of the DNC and former Chief Information Security Officer of Yahoo

As our societies become more digitized then our software ecosystems are becoming ever more complex. While complexity can be considered the enemy of security, striving for simplicity as the sole tactic is not realistic. Rather, we need to manage complexity and a big part of that is chaos engineering. That is testing, probing, modeling, and nudging complex systems to a better state. This is tough, but Kelly and Aaron bring immense cross-domain, practical real-world experience to this area in a way that all security professionals should find accessible and fascinating.

Phil Venables, Chief Information Security Officer, Google Cloud

Security Chaos Engineering provides a much-needed reframing of cybersecurity that moves it away from arcane rules and rituals, replacing them with modern concepts from software and resiliency engineering. If you are looking for ways to uplift your security approaches and engage your whole engineering team in the process, this book is for you.

Camille Fournier, engineering leader and author, The Manager's Path

We as defenders owe it to ourselves to make life as hard for attackers as possible. This essential work expertly frames this journey succinctly and clearly and is a must read for all technology leaders and security practitioners, especially in our cloud native world.

Rob Duhart, Jr., VP, Deputy Chief Information Security Officer and Chief Information Security Officer eCommerce at Walmart

Security Chaos Engineering is an unflinching look at how systems are secured in the real world. Shortridge understands both the human and the technical elements in security engineering.

George Neville-Neil, author of the Kode Vicious column in ACM Queue Magazine

Security masquerades as a technical problem, but it really cuts across all layers: organizational, cultural, managerial, temporal, historical, and technical. You can't even define security without thinking about human expectations, and the dividing line between flaw and vulnerability is non-technical. This thought-provoking book emphasizes the inherent complexity of security and the need for flexible and adaptive approaches that avoid both box-ticking and 0day-worship.

Thomas Dullien, founder, security researcher, and performance engineer

Security Chaos Engineering

by Kelly Shortridge with Aaron Rinehart

Copyright 2023 Aaron Rinehart and Kelly Shortridge. All rights reserved.

Printed in the United States of America.

Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.

O'Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://oreilly.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com.

  • Acquisitions Editor: John Devins
  • Development Editor: Michele Cronin
  • Production Editor: Clare Laylock
  • Copyeditor: Nicole Tach
  • Proofreader: Audrey Doyle
  • Indexer: Sue Klefstad
  • Interior Designer: David Futato
  • Cover Designer: Karen Montgomery
  • Illustrator: Kate Dullea
  • Chapter-Opener Image Designer: Savannah Glitschka
  • March 2023: First Edition
Revision History for the First Edition
  • 2023-03-30: First Release

See http://oreilly.com/catalog/errata.csp?isbn=9781098113827 for release details.

The O'Reilly logo is a registered trademark of O'Reilly Media, Inc. Security Chaos Engineering, the cover image, and related trade dress are trademarks of O'Reilly Media, Inc.

The views expressed in this work are those of the authors and do not represent the publisher's views. While the publisher and the authors have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the authors disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.

978-1-098-11382-7

[LSI]

Preface

In Life's wave, in action's storm,

I float, up and down,

I blow, to and fro!

Birth and the tomb,

An eternal flow,

A woven changing,

A glow of Being.

Over Time's quivering loom intent,

Working the Godhead's living garment.

Faust

If you've worked with computers in a professional setting at any point since the dawn of the millennia, you've probably heard that security is important. By now, you've also probably realized cybersecurity is broken. Humans are entrusting us, as people working with software, with more and more of their lives and we are failing to keep that trust. Year after year, the same sorts of attacks ravage the coasts and heartlands of our ever-growing digital territories.

Meanwhile, the security industry accumulates power and money, indulging in newer, shinier technology and oft deepening their sanctimonious effrontery. Success outcomes remain amorphous; and in the background slinks an existential dread that security can't keep up with software. Fingers point and other fingers point back. Our security programs coagulate into performative rituals, a modern humoralism based in folk wisdom and tradition rather than empiricism. Software engineering teams simmer in resentment, yearning for answers on how to keep their systems safe without requiring ritual sacrifices. We know we can do better, but we struggle to chart a course when immersed in the murky obliqueness that is cybersecurity today.

A fundamental shift in both philosophy and practice is nigh. Cybersecurity must embrace the reality that failure will happen. Humans will click on things and sometimes it will be the wrong thing. The security implications of simple code changes won't be clear to developers. Mitigations will accidentally be disabled. Things will break (and are, in fact, breaking all the time). This shift requires us to transform toward resilience: the ability to recover from failure and adapt as our context changes.

This book is an attack on current cybersecurity strategy and execution. To evoke author and activist Jane Jacobs, this attack is on the principles and aims that have shaped traditional cybersecurity strategy and execution, not quibbles about specific methods or design patterns.
