Overview

Defense In Depth. The principle is simple. Assume each layer of your security will be breached. Think about how to delay the attacker, how to increase their costs.

The more you can delay the attacker, the more you have a chance of observing and reacting before its too late.

The more you can shift cost from you (the defender) to the attacker, the more likely it is they will go elsewhere.

Fefense in depth means defending at each stage of a pipeline. From SAST through simple orthogonal security techniques like fail to ban to zero-trust techniques like splitting identity from authorisation.


Articles