Skip to Content
Learning & KnowledgeBooks & SummariesO'Reilly SRE

O’Reilly SRE

Chapter 1

  • Redundancy increases reliability, but increases vector of attacks
  • CIA Triad - Confidentiality, integrity and availability
  • Use risk based approaches for estimation of negative events
  • Calculate opportunity cost and up-front cost for preventing them
  • When systems fail from the reliability perspective - high load or component failures. For high load - To reduce the load - spread the volume of requests across instances or make requests cheaper (faster and easier to process). For component failures - redundancy and distinct failure domains.

Chapter 2

  • Model Threat Insider Risk

  • Limit insider risk by:

  • Least Privilige

  • Zero Trust

  • MFA

  • Business Justification

  • Auditing and Detection

  • Recoverability

  • Cyber Kill Chain - plot the progression of attack

  • TTP - Tactics, Techniques and Procedures

Chapter 3

  • Safe proxies - single entry point between networks allowing for auditing operations, controlling access to resources and protecting production
  • Zero Touch Prod - all the prod changes are done through automated software
  • MPA - Multi Party Authorisation
  • Breakglass mechanism - user can bypass policiees to allow engineers to quickly resolve the outage

Chapter 4

Chapter 5

  • Least privilige
  • Zero Trust Networking
  • Zero Touch - everything through automation
  • Classification based on risk
  • Denial should almost always “be blind”
Last updated on
Never Split the DifferenceOKR - Radical Focus