Season 1 · Episode 133

EP133 The Shared Problem of Alerting: More SRE Lessons for Security

Cloud Security Podcast by Google · Anton A Chuvakin

August 7, 202335m 58s

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Guest:

Steve McGhee, Reliability Advocate at Google Cloud
Aron Eidelman, Developer Relations Engineer at Google Cloud

Topics:

What is the shared problem for SRE and security when it comes to alerting?
Why is there reluctance to reduce noise?
How do SREs, security practitioners, and other stakeholders define "incident" and "risk"?
How does involving an "adversary" change the way people think about an incident, even if the impact is identical?
Which SRE alerting lessons do NOT apply at all for security?

Resources:

Video (LinkedIn, YouTube)
"Deploy Security Capabilities at Scale: SRE Explains How" (ep85)
Steve talk about probability and SLO math at SLOconf
Why Focus on Symptoms, Not Causes?
Learning from incidents (LFI) science
How to measure anything in cyber security risk book
Security chaos engineering book
The SRS Book Ch 1
The SRE book Ch 4

← All episodes of Cloud Security Podcast by Google