mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 22:24:56 +03:00
mukul975
1.7 KiB
1.7 KiB
name, description, domain, subdomain, tags, version, author, license
| name | description | domain | subdomain | tags | version | author | license | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| implementing-security-chaos-engineering | Implements security chaos engineering experiments that deliberately disable or degrade security controls to verify detection and response capabilities. Tests WAF bypass, firewall rule removal, log pipeline disruption, and EDR disablement scenarios using boto3 and subprocess. Use when validating SOC detection coverage and resilience. | cybersecurity | security-operations |
|
1.0 | mahipal | MIT |
Implementing Security Chaos Engineering
Instructions
Design and execute security chaos experiments that intentionally break security controls to verify that detection, alerting, and response systems work correctly.
# Example: Verify detection when a security group is opened
import boto3
ec2 = boto3.client("ec2")
# Chaos experiment: temporarily add 0.0.0.0/0 rule
ec2.authorize_security_group_ingress(
GroupId="sg-12345",
IpProtocol="tcp", FromPort=22, ToPort=22,
CidrIp="0.0.0.0/0",
)
# Verify: does GuardDuty/Config alert fire within SLA?
# Rollback: remove the rule after verification
Key experiments:
- Open a security group and verify Config Rule alerts
- Disable CloudTrail and verify detection time
- Create IAM admin user and verify alert triggers
- Simulate log pipeline failure and check monitoring gaps
- Deploy test malware hash and verify EDR response
Examples
# Rollback function for safe experiment execution
def run_experiment(setup_fn, verify_fn, rollback_fn, timeout=300):
try:
setup_fn()
result = verify_fn(timeout)
finally:
rollback_fn()
return result