// Comparison

Security Chaos Engineering vs Techniques virales avancées: Which Should You Read?

Two cybersecurity books on Defensive, compared honestly: who each is for, what each does best, and which to read first.

Advanced

5/52023

Sustaining Resilience in Software and Systems

Kelly Shortridge, Aaron Rinehart

Kelly Shortridge and Aaron Rinehart on treating security as a property of complex adaptive systems: instead of preventing failure, you continuously simulate it, and design the organization to learn from each result.

Advanced

4/52007

Techniques virales avancées

Éric Filiol

Specialized follow-up to Filiol's Les virus informatiques. Dives into advanced malicious-code attack techniques and their defensive analysis.

Read this if

Security architects, SREs, and platform engineers ready to abandon the prevention-first frame. Particularly strong for organizations that already practice chaos engineering for reliability and want to extend the discipline to security; the book is the bridge.

Readers who've worked through Les virus informatiques and want the next level on evasion, polymorphism, metamorphism.

Skip this if

Practitioners working in heavily regulated environments where intentional production faults are not legal, or smaller organizations without the operational maturity to run game days safely. Also a poor first security book: it assumes you know what threat models, blast radius, and feedback loops are.

Readers who haven't read the prior volume. Filiol leans on the formalism set there.

Key takeaways

Security and reliability share the same root engineering problem: how to keep complex systems within tolerable bounds when the failure surface is unbounded.
Decision trees and effort-vs-impact analysis are operationalizable artifacts, not just blog material; the book teaches you to actually use them.
Continuous experimentation is more honest than tabletop exercises: production tells you what is true, runbooks tell you what someone wished were true.

Offense/defense companion to the same school — one of the few French-language titles that goes to this level of detail.
Particularly useful for understanding older classes of evasion techniques that resurface in modern implants.
Together with Les virus informatiques, the most complete French-language academic foundation on the topic.

How they compare

We rate Security Chaos Engineering higher (5/5 against 4/5 for Techniques virales avancées). For most readers, that means Security Chaos Engineering is the primary pick and Techniques virales avancées is a useful follow-up.

Both books target advanced-level readers, so the choice is about topic, not difficulty.

Security Chaos Engineering and Techniques virales avancées both cover Defensive, so reading them in sequence reinforces the same material from different angles.

Keep reading

Security Chaos Engineering

→ Alternatives to Security Chaos Engineering → What to read after Security Chaos Engineering