Security Chaos Engineering
O'Reilly Media (Verlag)
978-1-0981-1382-7 (ISBN)
Information security is broken. Year after year, attackers remain unchallenged and undeterred, while engineering teams feel mounting pressure to design, build, and operate "secure" systems. Attacks can't be prevented, mental models of systems are incomplete, and our digital world constantly evolves. How can we verify that our systems behave the way we expect? What can we do to improve our systems' resilience?
In this pragmatic and comprehensive guide, authors Kelly Shortridge and Aaron Rinehart help you navigate the challenges of securing complex software systems. Using the principles and practices of security chaos engineering, they explore how you can cultivate resilience across the software delivery lifecycle. Attackers and systems will change, but by preparing for adverse events you can ensure it does not disrupt your ability to innovate, move quickly, and achieve your engineering and business goals.
You will:
Learn how to design a modern security program aligned to business and engineering goals
Make informed decisions at each phase of software delivery to nurture resilience to attack
Understand the complex systems dynamics upon which security outcomes depend
Navigate technical and organizational trade-offs that distort defensive decision making
Explore chaos experimentation as a tool for verifying critical assumptions about systems security and the ROI of security investments
Peek behind the scenes of major enterprises that leverage security chaos engineering and learn from their practices
Kelly Shortridge is a Senior Principal Engineer at Fastly. Kelly is coauthor of Security Chaos Engineering (O'Reilly Media) and an expert in resilience-based strategies for systems defense. Shortridge has been a successful enterprise product leader as well as a startup founder (with an exit to CrowdStrike) and investment banker. Kelly frequently advises Fortune 500s, investors, startups, and federal agencies and has spoken at major technology conferences internationally, including Black Hat USA, O'Reilly Velocity Conference, and RSA Conference. Kelly's research papers have been featured in Communications of ACM, IEEE, ACM Queue, and Human Factors and Ergonomics Society, spanning behavioral science in information security, deception strategies, and the ROI of resilience. They also serve on ACM Queue's magazine editorial board. Aaron Rinehart has spent his career solving complex engineering problems and transforming cyber security practices across a diverse set of industries: healthcare, insurance, government, aerospace, technology, higher education, and the military. Aaron has been expanding the possibilities of chaos engineering in its application to other safety-critical portions of the IT domain, most notably in cybersecurity. He began shaping the application of chaos engineering within cyber security during his tenure as the Chief Security Architect at a Fortune 4, UnitedHealth Group (UHG). Rinehart is a frequently requested speaker at respective media outlets and conferences, most notably RSA, Oa Reillya s Velocity, Blackhat/DefCon, GOTO, OWASP Global, and QCon. Rinehart has been interviewed and quoted in various publications including the Huffington Post, ABC News, TechTarget, DarkReading, SecurityWeekly, IEEE, and the Washington Post.
Erscheinungsdatum | 13.04.2023 |
---|---|
Verlagsort | Sebastopol |
Sprache | englisch |
Maße | 178 x 232 mm |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
ISBN-10 | 1-0981-1382-9 / 1098113829 |
ISBN-13 | 978-1-0981-1382-7 / 9781098113827 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich