YoVDO

Exit Stage Left - Replacing Theater with Chaos

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Conference Talks Courses Cybersecurity Courses Continuous Improvement Courses Incident Management Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore how security theater leads to increased organizational friction and hinders software delivery in this thought-provoking conference talk. Contrast traditional security dramatics with a security chaos engineering approach that embraces convenience, aligns with organizational goals, and derives wisdom from failure. Discover the red flags of security theater and learn how to implement a more effective strategy. Delve into the key differences between security chaos engineering and traditional methods, including their perspectives on failure, incident management, collaboration, and organizational culture. Examine the importance of fair judgment in security practices and the need for continuous improvement. Understand why defender behaviors must evolve alongside attacker behaviors, and learn how to position security teams as advisors while holding product and engineering teams accountable for changes. Gain valuable insights into creating a more efficient and effective security approach for your organization.

Syllabus

Exit Stage Left: Replacing Theater with Chaos Kelly Shortridge, Capsules
Act 1: Welcome to Security Theater
Security Theater optimizes for drama
Cumbersome change management will hinder speedy patch deployments, too
How do we spot Security Theater's red flags? And is there a better way ahead?
Act II: Theater & Chaos in Fisticuffs
Security Chaos Engineering: Let's harness failure to build knowledge
SCE: Failure is a natural part of systems ST: Bad humans cause failures
SCE: Adapt to minimize incident impact ST: Prevent failure from happening
SCE: Security is collaborative & open ST: Security teams operate in a silo
SCE Culture: Learning & experimenting ST Culture: Fear and mistrust
Act II, Scene II: Judgment
Security Theatre shuns fair judgment
Compare security code review coverage vs. lead time or deploy frequency
The Grande Finale
Security Theater prioritizes gatekeeping more than security outcomes
Strive for continuous improvement through Security Chaos Engineering
Attackers behaviors constantly evolve. Defender behaviors must evolve, too.
Treat security teams as advisors & hold P&E teams accountable for changes


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube