Security-focused Chaos Experiments for DevSecOps Teams
Explore the docs »
Report Bug
·
Request Feature
secops-chaos is a Chaos Engineering tool focused on Security at Runtime. The tool is designed to discover security weaknesses by experimentation in Cloud Native environments.
You can fetch the latest release here, or you can build from source.
To build from source, you'll need to have Go installed.
git clone https://github.com/operantai/secops-chaos
cd secops-chaos
make build
The design of secops-chaos can be broken down into two components:
- Experiments - Experiments actively try to run something to discover if a security weakness is present.
- Verifiers - Verifiers look at the results of an Experiment and reports their outcome.
The secops-chaos CLI mirrors this, and exposes run
& verify
commands. To start, you need to run an experiment.
Each experiment is defined by a experiment
file which allows you to tweak your experiment parameters to suit your scenarios.
For a full list of experiments you can run, see the experiments directory.
secops-chaos run -f experiments/host_path_volume.yaml
Once you've successfully run the experiment, you can verify if it was sucessful or not:
secops-chaos verify -f experiments/host_path_volume.yaml
You can also output a JSON with the verifier results by using the -j
flag.
Please read the contribution guidelines, here.
Distributed under the Apache License 2.0.