Chaos Engineering-Part 1

“Chaos engineering” is planning and performing various failure tests on the live production environments to check its high availability, RTO and RPOs. The idea may sound absurd at first and may raise eyebrows of many in your organization. But when implemented right , with proper panning it can keep the organization fully prepared for any critical component/module failure. “Chaos Engineering” by itself is very planned and detailed and involves through analysis of whole organization environment, understanding current RTO and RPO and planning and execute the tests so as to make sure the systems are tested for wide variety of failures. The objective of planning is to cover as many failure scenarios as possible.

Continue reading “Chaos Engineering-Part 1”

Threat libraries

The threat library, is exactly what it sounds like, is a place to store the threats encountered by your organization or related to your organization and have impact to it. This library is used to store the threat event details, attributes, chronology of events, related files and softwares etc. It’s important for an organization to keep so that if in future if similar incidents occur, old incident can be used for learning and mitigating new event effectively. It also help the organization to assess the threat types and trend observed historically, which in turn helps security teams to understand critical focus areas for threats.

Continue reading “Threat libraries”