Defense In Depth
Overview
Defense in depth. The principle is simple: assume each layer of your security will be breached, then think about how to delay the attacker and how to increase their costs.
The more you can delay the attacker, the better your chance of observing and reacting before it's too late.
The more you can shift cost from you (the defender) to the attacker, the more likely it is that they will go elsewhere.
Articles
Content-Security-Policy protects our application, but external scripts like Google Tag Manager make it challenging to deploy. We show how to do it in an Angular single-page application.
Doppelganger domains are used to spear-phish you. They look similar to the domains you use normally. See this new warning in Chrome.
Secure automatic software delivery without the risk of tampering. The Update Framework in action.
Document how you receive and treat security vulnerability reports with the security.txt standard.
Fail2ban. Simple. Strong. Make the attackers wait, increasing their cost while decreasing your cost of defending. Defense in depth.
DNSSEC. It helps prevent someone from poisoning a DNS cache or running a lying recursive resolver. It's simple to enable.
The Agilicus Philosophy: The world we work in changes. Our requirements change. By continuously learning and adapting, we survive and thrive.
Want to improve your security for zero cost before you leave for the day? Add a DNS CAA Record. Watch the video to learn more!
The Firewall Emperor, long the king of security, has no clothes. Microsegmentation is just more firewalls. You want Zero Trust Network Access.