[{"data":1,"prerenderedAt":67},["ShallowReactive",2],{"term-s\u002Fsecurity-theater":3,"related-s\u002Fsecurity-theater":59},{"id":4,"title":5,"acronym":6,"body":7,"category":40,"description":41,"difficulty":42,"extension":43,"letter":44,"meta":45,"navigation":46,"path":47,"related":48,"seo":53,"sitemap":54,"stem":57,"subcategory":6,"__hash__":58},"terms\u002Fterms\u002Fs\u002Fsecurity-theater.md","Security Theater",null,{"type":8,"value":9,"toc":33},"minimark",[10,15,19,23,26,30],[11,12,14],"h2",{"id":13},"eli5-the-vibe-check","ELI5 — The Vibe Check",[16,17,18],"p",{},"Security theater is the stuff that looks secure but doesn't actually stop attackers. Think mandatory password rotations, security banners nobody reads, and checkbox compliance. It wastes everyone's time and creates false confidence.",[11,20,22],{"id":21},"real-talk","Real Talk",[16,24,25],{},"Security theater (a term popularized by Bruce Schneier) describes security measures that create the appearance of protection without materially reducing risk. Common examples: 90-day password rotation, complex-character rules, SOC 2 checkboxes untied to actual controls, security questionnaires nobody validates. Forced rotation and composition rules tend to push users toward predictable passwords, which is why NIST SP 800-63B advises against composition rules and against periodic rotation absent evidence of compromise. Real security focuses on threat modeling, least privilege, and tested controls.",[11,27,29],{"id":28},"when-youll-hear-this","When You'll Hear This",[16,31,32],{},"\"The quarterly phishing test is security theater — it catches nothing.\" \u002F \"Compliance isn't security. Most of that's security theater.\"",{"title":34,"searchDepth":35,"depth":35,"links":36},"",2,[37,38,39],{"id":13,"depth":35,"text":14},{"id":21,"depth":35,"text":22},{"id":28,"depth":35,"text":29},"security","Security theater is the stuff that looks secure but doesn't actually stop attackers.","intermediate","md","s",{},true,"\u002Fterms\u002Fs\u002Fsecurity-theater",[49,50,51,52],"Compliance","Threat Model","Zero Trust","Security",{"title":5,"description":41},{"changefreq":55,"priority":56},"weekly",0.7,"terms\u002Fs\u002Fsecurity-theater","4vewlebNAFozrUwk60uqdTELVvjbJWNw55ClWubetmo",[60,64],{"title":49,"path":61,"acronym":6,"category":40,"difficulty":62,"description":63},"\u002Fterms\u002Fc\u002Fcompliance","beginner","Compliance means following the rules — legal, industry, or governmental standards that say how you must handle data and security.",{"title":51,"path":65,"acronym":6,"category":40,"difficulty":42,"description":66},"\u002Fterms\u002Fz\u002Fzero-trust","Zero trust means 'never trust, always verify' — even if a request comes from inside your network.",1776518311576]