
What is Defense In Depth?

Defense in depth is an IT security strategy that uses multiple layers of security controls. It is often explained with an analogy to a castle with many layers of defense such as moats, walls and finally a castle keep.
A basic principle of IT security is that components shouldn't trust each other. That is, each component should assume that other components in the organization or technology stack have been compromised. In a large system it is impractical for every single component to trust nothing at all. Instead, layers are established that don't trust each other. The following are examples of layers used by defense in depth strategies.
Processes
Procedures
User Interfaces
Applications
Data Access Layers
Platforms
Servers
Operating Systems
Networks
Demilitarized zones
Data Repositories
The following are examples of techniques that may be used at each layer to implement security.
Training & situational awareness
Authentication & authorization
Pattern scanning such as anti-virus tools
Intrusion detection
Encryption
Perimeters such as firewalls
Audit trails
Sandboxes
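As an added illustration (not code from the original page), the sketch below takes two of the layers listed above, an application and a data access layer, and has each make its own authentication and authorization check and write to an audit trail, so a request is still refused at the inner layer when the outer one is assumed compromised. The key, user names, ACL and function names are all constructed for the example.

```python
import hashlib
import hmac

# Constructed sample data: the key, users and ACL are illustrative only.
SESSION_KEY = b"constructed-demo-key"
ACL = {"alice": {"invoices"}, "bob": set()}
AUDIT_TRAIL = []  # (layer, user, table, decision)

def sign(user):
    """Authentication: issue the session token for a user."""
    return hmac.new(SESSION_KEY, user.encode(), hashlib.sha256).hexdigest()

def check(layer, user, token, table):
    """Authenticate, authorize and record the decision in the audit trail."""
    ok = hmac.compare_digest(token, sign(user)) and table in ACL.get(user, set())
    AUDIT_TRAIL.append((layer, user, table, "allow" if ok else "deny"))
    if not ok:
        raise PermissionError(f"{layer} layer denied {user} -> {table}")

def data_access_layer(user, token, table):
    """Inner layer: repeats the check instead of trusting its caller."""
    check("data_access", user, token, table)
    return f"rows from {table}"

def application_layer(user, token, table, compromised=False):
    """Outer layer: 'compromised' models a layer whose check was bypassed."""
    if not compromised:
        check("application", user, token, table)
    return data_access_layer(user, token, table)

def attempt(user, token, table, compromised=False):
    """Run one request through both layers and return the outcome as text."""
    try:
        return application_layer(user, token, table, compromised)
    except PermissionError as exc:
        return str(exc)

if __name__ == "__main__":
    print(attempt("alice", sign("alice"), "invoices"))
    print(attempt("bob", sign("bob"), "invoices"))
    print(attempt("bob", sign("bob"), "invoices", compromised=True))
    for entry in AUDIT_TRAIL:
        print(entry)
```

The third call is the one that matters: with the application layer's check bypassed, the denial comes from the data access layer, and the audit trail shows which layer made the decision.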
Overview: Defense In Depth
Type
Definition
An IT security strategy that uses multiple layers of security controls.
Related Concepts
