
Risk Driven Fault Injection

Most cloud security tools are reactive and rely on firefighting, which often leaves security gaps unnoticed. These gaps range from misconfigured assets to complex security vulnerabilities, so better security models are needed. This talk proposes applying chaos engineering techniques to cloud security, driven by risk-based methods.


Kennedy Torkura

March 31, 2021


  1. Risk Driven Fault Injection: Security Chaos Engineering for The Fast & Furious
     Kennedy A. Torkura

  2. Security Chaos Engineering
     • What is Security Chaos Engineering
       ◦ How it differs from Chaos Engineering
     • Why it is important / why we are talking about it
       ◦ Complexity
       ◦ Increasing attacks against cloud native infrastructure
       ◦ Inefficient security countermeasures
     • Cloud Native Security
       ◦ What it is
       ◦ Challenges
     • Risk-Driven Fault Injection

  3. Security Chaos Engineering
     "Security Chaos Engineering is the identification of security control failures through proactive experimentation to build confidence in the system's ability to defend against malicious conditions in production." - Aaron Rinehart, Co-Founder & CTO, Verica

  4. Security Chaos Engineering
     Chaos Engineering
     • Addresses availability problems
     • Resiliency patterns
       ◦ Timeouts
       ◦ Bulkheads
       ◦ Circuit breaker
     Security Chaos Engineering
     • Addresses
       ◦ Availability
       ◦ Integrity
       ◦ Confidentiality
     • Verify security patterns/controls
       ◦ Preventive controls, e.g. firewalls
       ◦ Detective controls, e.g. IDS
       ◦ Corrective controls, e.g. incident response systems
     • AIM - detect security blind spots

  5. Complexity
     "Complexity is the worst enemy of security" - Bruce


  6. Increasing Cloud Attacks
     Cloud Native Threat Report 2020 - Aqua Security Team

  7. Evolving Security Challenges
     99% of cloud security incidents are caused by users - Gartner
     Why?
     • Knowledge gap
     • Insufficient tooling support

  8. Evolving Security Challenges
     • Digital transformation
     • DevOps
     • CI/CD
     Traditional Security

  9. Evolving Security Challenges
     • Digital transformation
     • DevOps
     • CI/CD
     Modern Security

  10. Cloud Native Security
      Cloud Native Security is about securing cloud native infrastructure.
      The 4C's of Cloud Native Security
      • Defence-in-depth

  11. Cloud Attack Paths

  12. Cloud Attack Paths
      The 4C's: code, container, cluster, cloud

  13. Cloud Native Security Platforms
      • Cloud Security Posture Management (CSPM)
      • Cloud Access Security Brokers (CASB)
      • Cloud Workload Protection Platforms (CWPP)
      • Security Chaos Engineering (SCE)

  14. SCE Feedback Loop
      Risk Driven Fault Injection, adapted from the MAPE-K feedback loop used in autonomic computing systems
      • PLAN: Apply the outcome of the analysis to improve security. Design and plan future security hypotheses.
      • EXECUTE: Inject security faults based on the crafted hypotheses.
      • MONITOR: Observe and monitor the execution of the security perturbations. Intervene when necessary to ensure safety.
      • ANALYZE: Collect and analyze the observations. Vulnerabilities can be ranked and prioritized.
      • KNOWLEDGE: Security insights and information, including security fault models, detected vulnerabilities and analytical outcomes.

  15. SCE Feedback Loop: Execute (Risk Driven Fault Injection)
      • 100% security is a dream
      • Risk driven security
        ◦ Quantitative risk assessments
        ◦ Data driven
      • Communicate security information/analysis to management and other teams
      • Measure progress

  16. SCE Feedback Loop: Execute
      • The aim of the experiment
      • Craft a suitable hypothesis
      • Determine the scope: scale, depth and intensity
      • Perform a sanity check
        ◦ Coordinate with the responsible teams (administrative & social aspects)
        ◦ Recoverability (IaC, Git, state management)

  17. Implementation
      ▪ Modes of operation
        □ Low - 30%
        □ Medium - 60%
        □ High - 90%
      ▪ Attack scenario: chaining of multiple attack actions

  18. SCE Attack Scenario
      An example of an experiment hypothesis: "cloud buckets are secure"
      start → create user Bob → get cloud buckets → select random bucket → create malicious policy → assign policy to Bob & bucket → end

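The chained scenario on this slide written out as a runnable security chaos experiment. This is an added example, not code from the talk: the cloud API is an in-memory stand-in (an assumption; a real run would call the provider SDK and read real alerts), the intensity modes come from the Implementation slide and scope how many buckets are perturbed, the roll-back in the `finally` block is the recoverability sanity check from the Execute slide, and the detective control is deliberately narrow so the run shows what a blind spot looks like. `FakeCloud`, `run_experiment`, `naive_control` and the account ID in the ARN are illustrative names and values.

```python
"""Security chaos experiment for the hypothesis 'cloud buckets are secure'
(added example, not the talk's own code). A detective control should alert
when a bucket gains an over-permissive policy; the experiment injects such a
policy, observes the control, and always rolls back."""
import random

# Intensity modes from the Implementation slide: share of in-scope buckets perturbed.
MODES = {"low": 0.30, "medium": 0.60, "high": 0.90}


class FakeCloud:
    """In-memory stand-in for the IAM/storage API (assumption: a real run
    would use the provider SDK). Keeps an audit trail so the experiment can
    be monitored and rolled back."""

    def __init__(self, buckets):
        self.policies = {b: None for b in buckets}   # bucket -> attached policy
        self.users = set()
        self.audit = []                               # (event, target)

    def create_user(self, name):
        self.users.add(name)
        self.audit.append(("CreateUser", name))

    def delete_user(self, name):
        self.users.discard(name)
        self.audit.append(("DeleteUser", name))

    def list_buckets(self):
        return sorted(self.policies)

    def put_bucket_policy(self, bucket, policy):
        self.policies[bucket] = policy
        self.audit.append(("PutBucketPolicy", bucket))

    def delete_bucket_policy(self, bucket):
        self.policies[bucket] = None
        self.audit.append(("DeleteBucketPolicy", bucket))


def malicious_policy(user, bucket):
    """Over-permissive bucket policy: the experiment user gets full S3 rights.
    The account ID is a placeholder."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::123456789012:user/{user}"},
        "Action": "s3:*",
        "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"],
    }]}


def naive_control(policy):
    """A detective control that only flags anonymous (Principal '*') grants.
    Its blind spot: a named principal with s3:* is never reported."""
    return any(s.get("Principal") == "*" for s in policy["Statement"])


def run_experiment(cloud, mode, control, user="Bob", seed=0):
    """Execute the chained attack actions at the given intensity, observe
    whether the control fires for each injected fault, then recover.
    Returns the perturbed buckets, the undetected ones and the verdict."""
    rng = random.Random(seed)                         # reproducible bucket choice
    buckets = cloud.list_buckets()
    n = max(1, round(MODES[mode] * len(buckets)))     # scope: low/medium/high
    targets = rng.sample(buckets, n)
    undetected = []
    cloud.create_user(user)
    try:
        for bucket in targets:
            policy = malicious_policy(user, bucket)
            cloud.put_bucket_policy(bucket, policy)   # the injected security fault
            if not control(policy):                   # monitor: did anything fire?
                undetected.append(bucket)
    finally:
        # Recoverability: return to the known-good state even if a step fails.
        for bucket in targets:
            cloud.delete_bucket_policy(bucket)
        cloud.delete_user(user)
    return {"mode": mode, "targets": targets, "undetected": undetected,
            "hypothesis_holds": not undetected}


if __name__ == "__main__":
    cloud = FakeCloud(["logs", "backups", "public-site", "customer-data"])
    print(run_experiment(cloud, "medium", naive_control))
```

With the narrow control the hypothesis is refuted for every perturbed bucket, which is the blind spot the experiment exists to surface; the audit trail on the fake cloud is what the Monitor step would read, and the roll-back leaves no policy or user behind.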
  19. SCE Feedback Loop: Monitor
      • Observe the progress of the experiments
        ◦ Logging
        ◦ Observability
        ◦ Tracing
      • Intervene if necessary
        ◦ Stop the experiment
        ◦ Recover to a good state

  20. SCE Feedback Loop: Analyze
      • Failed - the experiment had to be stopped; identify the reasons and work out how to improve next time
      • Success - critical to derive answers to the questions posed at the planning stage

  21. Analyse SCE Results Using Risk-Driven Methodologies: OWASP Risk Rating Methodology

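Ranking experiment findings with the OWASP Risk Rating Methodology, as an added example that is not the talk's code. Each likelihood factor (threat agent and vulnerability factors) and each impact factor is scored 0 to 9 as in the OWASP method, the factors are averaged and bucketed into LOW, MEDIUM and HIGH, and the two levels are combined through the OWASP severity matrix; business impact is used when it can be estimated, technical impact otherwise. The two findings and their scores are constructed for illustration, and `rate` and `prioritise` are names chosen here.

```python
"""OWASP Risk Rating applied to SCE findings (added example, not the talk's
own code). Factor names, the 0-9 scale, the LOW/MEDIUM/HIGH bands and the
severity matrix follow the OWASP Risk Rating Methodology; the findings below
are constructed for illustration."""
from statistics import mean

LIKELIHOOD_FACTORS = (  # threat agent factors + vulnerability factors
    "skill_level", "motive", "opportunity", "size",
    "ease_of_discovery", "ease_of_exploit", "awareness", "intrusion_detection")
TECHNICAL_IMPACT = ("loss_of_confidentiality", "loss_of_integrity",
                    "loss_of_availability", "loss_of_accountability")
BUSINESS_IMPACT = ("financial_damage", "reputation_damage",
                   "non_compliance", "privacy_violation")

# (likelihood level, impact level) -> overall severity, per the OWASP matrix
SEVERITY = {
    ("LOW", "LOW"): "Note",    ("MEDIUM", "LOW"): "Low",       ("HIGH", "LOW"): "Medium",
    ("LOW", "MEDIUM"): "Low",  ("MEDIUM", "MEDIUM"): "Medium", ("HIGH", "MEDIUM"): "High",
    ("LOW", "HIGH"): "Medium", ("MEDIUM", "HIGH"): "High",     ("HIGH", "HIGH"): "Critical",
}
RANK = ("Critical", "High", "Medium", "Low", "Note")


def level(score):
    """OWASP bands: 0 to <3 LOW, 3 to <6 MEDIUM, 6 to 9 HIGH."""
    if not 0 <= score <= 9:
        raise ValueError(f"factor scores must lie in 0..9, got {score}")
    return "LOW" if score < 3 else "MEDIUM" if score < 6 else "HIGH"


def factor_average(scores, names):
    """Average the named factors; refuse incomplete or out-of-range ratings."""
    missing = [n for n in names if n not in scores]
    if missing:
        raise KeyError(f"missing factor scores: {missing}")
    for n in names:
        level(scores[n])  # range check on every individual factor
    return mean(scores[n] for n in names)


def rate(finding):
    """Rate one finding: averaged likelihood and impact plus overall severity."""
    likelihood = factor_average(finding["likelihood"], LIKELIHOOD_FACTORS)
    # OWASP: use business impact where it can be estimated, else technical.
    if "business_impact" in finding:
        impact = factor_average(finding["business_impact"], BUSINESS_IMPACT)
    else:
        impact = factor_average(finding["technical_impact"], TECHNICAL_IMPACT)
    return {"finding": finding["name"],
            "likelihood": round(likelihood, 2), "impact": round(impact, 2),
            "severity": SEVERITY[(level(likelihood), level(impact))]}


def prioritise(findings):
    """Backlog order: severity first, then the raw likelihood x impact product."""
    rated = [rate(f) for f in findings]
    return sorted(rated, key=lambda r: (RANK.index(r["severity"]),
                                        -(r["likelihood"] * r["impact"])))


# Constructed findings from a bucket-policy experiment like the one on the
# SCE Attack Scenario slide.
FINDINGS = [
    {"name": "over-permissive bucket policy applied without any alert",
     "likelihood": {"skill_level": 3, "motive": 9, "opportunity": 7, "size": 6,
                    "ease_of_discovery": 7, "ease_of_exploit": 9,
                    "awareness": 9, "intrusion_detection": 8},
     "technical_impact": {"loss_of_confidentiality": 7, "loss_of_integrity": 5,
                          "loss_of_availability": 1, "loss_of_accountability": 7},
     "business_impact": {"financial_damage": 7, "reputation_damage": 5,
                         "non_compliance": 7, "privacy_violation": 7}},
    {"name": "experiment user not removed by roll-back",
     "likelihood": {"skill_level": 5, "motive": 4, "opportunity": 4, "size": 2,
                    "ease_of_discovery": 3, "ease_of_exploit": 3,
                    "awareness": 4, "intrusion_detection": 3},
     "technical_impact": {"loss_of_confidentiality": 2, "loss_of_integrity": 2,
                          "loss_of_availability": 1, "loss_of_accountability": 3}},
]

if __name__ == "__main__":
    for row in prioritise(FINDINGS):
        print(row)
```

The first finding averages to likelihood 7.25 (HIGH) and business impact 6.5 (HIGH), so it lands in the Critical cell; the same finding rated on technical impact alone averages 5.0 (MEDIUM) and drops to High, which is why the method says to prefer the business estimate when one exists.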
  22. SCE Feedback Loop: Plan
      • Creation of backlogs
        ◦ Vulnerability management (patching)
        ◦ Security operations
        ◦ Development teams
        ◦ Threat modelling
        ◦ Awareness training
      • Next steps
        ◦ Remediate
        ◦ Construct the hypothesis for the next iteration

  23. SCE Feedback Loop: Knowledge-base
      • Security automation
        ◦ Create CloudWatch rules to trigger alarms for specific events
        ◦ Create audit rules for CSPM
        ◦ Flag policies with broad permissions
      • Security analytics
      • Security correlation
      • Machine learning

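Two of the knowledge-base automation items on this slide in working form: an event rule in the style of a CloudWatch Events / EventBridge event pattern, and a check that flags policies with broad permissions. This is an added example, not the talk's code or the AWS implementation: `matches` is a simplified re-implementation of pattern semantics (each pattern key lists its accepted values, nested objects recurse, only scalar event values are compared), and the records in `EVENTS` are constructed for the example, loosely modelled on CloudTrail, not real logs. `RULE`, `broad_permissions` and `evaluate` are names chosen here.

```python
"""Knowledge-base automation (added example, not the talk's own code): an
event rule over CloudTrail-style records, plus a check that flags Allow
statements with an anonymous principal, a wildcard action or a wildcard
resource. The records are constructed for this example."""

EVENTS = [  # constructed CloudTrail-style records from one experiment run
    {"eventSource": "iam.amazonaws.com", "eventName": "CreateUser",
     "userIdentity": {"type": "IAMUser", "userName": "chaos-runner"},
     "requestParameters": {"userName": "Bob"}},
    {"eventSource": "s3.amazonaws.com", "eventName": "PutBucketPolicy",
     "userIdentity": {"type": "IAMUser", "userName": "chaos-runner"},
     "requestParameters": {"bucketName": "customer-data", "bucketPolicy": {
         "Statement": [{"Effect": "Allow", "Action": "s3:*",
                        "Principal": {"AWS": "arn:aws:iam::123456789012:user/Bob"},
                        "Resource": "arn:aws:s3:::customer-data/*"}]}}},
    {"eventSource": "s3.amazonaws.com", "eventName": "PutBucketPolicy",
     "userIdentity": {"type": "IAMUser", "userName": "deploy"},
     "requestParameters": {"bucketName": "public-site", "bucketPolicy": {
         "Statement": [{"Effect": "Allow", "Action": "s3:GetObject",
                        "Principal": "*",
                        "Resource": "arn:aws:s3:::public-site/*"}]}}},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "userIdentity": {"type": "IAMUser", "userName": "deploy"},
     "requestParameters": {"bucketName": "logs", "key": "2021/03/31.gz"}},
]

# Alarm on the two actions the experiment chains, IAM user creation and
# bucket policy changes, whichever identity performs them.
RULE = {
    "eventSource": ["iam.amazonaws.com", "s3.amazonaws.com"],
    "eventName": ["CreateUser", "PutBucketPolicy"],
}


def matches(pattern, event):
    """True when every pattern key is present in the event with an accepted value."""
    for key, accepted in pattern.items():
        if key not in event:
            return False
        if isinstance(accepted, dict):
            if not isinstance(event[key], dict) or not matches(accepted, event[key]):
                return False
        elif event[key] not in accepted:
            return False
    return True


def _as_list(value):
    return value if isinstance(value, list) else [value]


def broad_permissions(policy):
    """Reasons an Allow statement is over-permissive; Deny statements are skipped."""
    reasons = []
    for i, st in enumerate(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        principal = st.get("Principal")
        if principal == "*" or (isinstance(principal, dict)
                                and "*" in _as_list(principal.get("AWS", []))):
            reasons.append(f"statement {i}: anonymous principal")
        if any(a == "*" or a.endswith(":*") for a in _as_list(st.get("Action", []))):
            reasons.append(f"statement {i}: wildcard action")
        if "*" in _as_list(st.get("Resource", [])):
            reasons.append(f"statement {i}: wildcard resource")
    return reasons


def evaluate(events, rule):
    """Run the rule over the records; attach policy flags to each alarm raised."""
    alarms = []
    for ev in events:
        if not matches(rule, ev):
            continue
        params = ev.get("requestParameters", {})
        policy = params.get("bucketPolicy")
        alarms.append({"event": ev["eventName"],
                       "actor": ev["userIdentity"]["userName"],
                       "target": params.get("bucketName") or params.get("userName"),
                       "flags": broad_permissions(policy) if policy else []})
    return alarms


if __name__ == "__main__":
    for alarm in evaluate(EVENTS, RULE):
        print(alarm)
```

Run over the constructed records, the rule raises three alarms and ignores the plain `GetObject`; the policy check then separates the experiment's named-principal `s3:*` grant (wildcard action) from the legitimately public site bucket (anonymous principal), which is the distinction the naive control in the experiment example could not make.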
  24. Security Knowledgebase (architecture diagram)
      • SIEM
      • Data Collection
      • Analysis, Visualization & Automation
      • Unified Query & Storage
      • Threat Intelligence Source
      • Extended Detection & Response
      • Security Chaos Engineering
      • Security Orchestration, Automation & Response
      • Compliance Automation
      • Extract, Transform & Load
      • Security Data Lake

  25. Research & Publications

  26. Thank you for listening! Kennedy Torkura @run2obtain