Fork me on GitHub

Implementation -> Infrastructure Hardening: Usage of a chaos monkey

Risk and Opportunity

Risk: Due to manuel changes on a system, they are not replaceable anymore. In case of a crash it might happen that a planned redundant system is unavailable. In addition, it is hard to replay manual changes.
Opportunity: A randomized periodically shutdown of systems makes sure, that nobody will perform manual changes to a system.

Exploit details

Usefullness: Medium
Required knowledge: Medium (two disciplines)
Required time: Very High
Required resources (systems): Very High

OWASP SAMM 2 Mapping: o-environment-management|A|1
ISO27001:2017 Controls Mapping: