Registration is NOW Open
Marriott Wardman Park
2660 Woodley Rd NW
Washington DC, District of Columbia 20008 USA
Phone: 1-202-328-2000 

Book Now 
*discount rates expire August 19, 2019
Back To Schedule
Thursday, September 12 • 10:30am - 11:15am
Security & Chaos Engineering: A Novel Approach to Crafting Secure and Resilient Distributed Systems

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Security today is customarily a reactive and chaotic exercise.

Modern systems pose a number of thorny challenges and securing the transformation from legacy monolithic systems to distributed systems demands a change in mindset and engineering toolkit. The security engineering toolkit is unfortunately out-of-style and outdated with today's approach to building, security and operating distributed systems. Distributed systems at scale have unpredictable and complex outcomes that are costly when security incidents occur. The speed, scale, and complex operations within microservice architectures make them tremendously difficult for humans to mentally model their behavior.

What if you could flip a security incident scenario on its head and drive it in reverse? Chaos Engineering allows for security teams to proactively experiment on recurring incident patterns to derive new information about underlying factors that were previously unknown by reversing the postmortem and preparation phase. This is done by developing live-fire exercises that can be measured, managed, and automated. Contrary to Red/Purple Team game days, chaos engineering does not use threat actor tactics, techniques, and procedures. It develops teams by building a learning culture around system failure to challenge engineering teams to discover new insights on how they can improve their applied security.

People operate differently when they expect things to fail. Additionally, teams are more likely to keep an open mind about what is actually causing those things to fail when they are not fighting fires. There is a fundamental shift in mental focus and operational momentum that drives teams to put the fire out versus thorough examination of what caused the incident to begin with. As far as we know it Chaos Engineering is the only proactive mechanism for detecting availability and security incidents before they happen. Security Chaos Engineering allows teams to proactively, safely discover system weakness before they disrupt business outcomes.

In this session, we will introduce a new concept known as Security Chaos Engineering and how it can be applied to create highly secure, performant, and resilient distributed systems.

avatar for Aaron


Founder, Verica
Aaron is most notably known for expanding the possibilities of Chaos Engineering in its application to other safety-critical portions of the IT domain notably cybersecurity. He began pioneering the application of Security in Chaos Engineering during his tenure as the Chief Security... Read More →

Thursday September 12, 2019 10:30am - 11:15am EDT
Lincoln 6