Skip to content

Overview

Defense In Depth. The principle is simple. Assume each layer of your security will be breached. Think about how to delay the attacker, how to increase their costs.

The more you can delay the attacker, the more you have a chance of observing and reacting before its too late.

The more you can shift cost from you (the defender) to the attacker, the more likely it is they will go elsewhere.

Defense in depth means defending at each stage of a pipeline. From SAST through simple orthogonal security techniques like fail to ban to zero-trust techniques like splitting identity from authorisation.


Articles

Industrial Air Gap – A Tale Of 2 Users

Devices on industrial control system networks are ill-equipped for the hardships associated with the Internet and remote access. Low-speed processors, infrequent firmware upgrades, spotty security research, Common Vulnerabilities and Exposures (CVE) publishing, etc. This leads to a natural conflict: the operator is…
Read More