Home

Information Security

Advertisements

Related Guides

Information Security

Confidential Information

Cybersecurity Risk

top » information technology » information security » defense in depth

What is Defense In Depth?

John Spacey, updated on November 23, 2016

Defense in depth is an IT security strategy that uses multiple layers of security controls. It is often explained with an analogy to a castle with many layers of defense such as moats, walls and finally a castle keep.

A basic principle of IT security is that components shouldn't trust each other. That is to say, that each component should assume that other components in an organization or technology stack have been compromised. It is impractical to have every single component in a large system that has no trust in anything. As such, layers are established that don't trust each other. The following are examples of layers used by defense in depth strategies.

Processes

Procedures

User Interfaces

Applications

Data Access Layers

Platforms

Servers

Operating Systems

Networks

Demilitarized zones

Data Repositories

The following are examples of techniques that may be used at each layer to implement security.

Training & situational awareness

Authentication & authorization

Pattern scanning such as anti-virus tools

Intrusion detection

Perimeters such as firewalls

Sandboxes

Overview: Defense In Depth
Type	Information Security
Definition	An IT security strategy that uses multiple layers of security controls.
Related Concepts	Information Security Privacy Human Error

Information Security

This is the complete list of articles we have written about information security.

Confidential Information

Critical Infrastructure

Cryptographic Keys

Cryptographic Salt

Cybersecurity Risk

Defense In Depth

Digital Identity

Failure Of Imagination

Incident Response

Network Security

Non-repudiation

Operations Security

Overlay Network

Password Entropy

Password Fatigue

Secure Code Review

Security As A Service

Security Controls

If you enjoyed this page, please consider bookmarking Simplicable.

Security vs Privacy

The relationship between security and privacy.

Security vs Privacy

Security vs Privacy »

Hardening

An overview of technology hardening.

What is Hardening?

What is Hardening? »

Deep Magic

An overview of deep magic, a technology term.

What is Deep Magic?

What is Deep Magic? »

Encryption Examples

A definition of encryption with examples.

7 Examples of Encryption

7 Examples of Encryption »

Encryption: Asymmetric vs Symmetric »

Encryption vs Hashing »

Canary Trap

A definition of canary trap with an example.

What is a Canary Trap?

What is a Canary Trap? »

Honeypot

A definition of honeypot with examples.

11 Examples of a Honeypot

11 Examples of a Honeypot »

Security Through Obscurity

A definition of security through obscurity with an example.

What is Security Through Obscurity?

What is Security Through Obscurity? »

Tokens

A definition of token with examples.

5 Examples of a Token

5 Examples of a Token »

Backdoor

A definition of backdoor with examples.

5 Examples of a Backdoor

5 Examples of a Backdoor »

Types of Technology

A reasonably comprehensive list of information technologies.

77 Types of Information Technology

77 Types of Information Technology »

What is Exploratory Data Analysis? »

What is Office Productivity? »

Gamification

A list of gamification techniques.

39 Examples of Gamification

39 Examples of Gamification »

25 Examples of Game Culture »

What is a Pervasive Game? »

Information Technology Problems

A list of common IT problems.

46 Common IT Problems

46 Common IT Problems »

7 Examples of Data Proliferation »

What is Design Debt? »

Types Of Cloud

The basic types of cloud computing.

10 Types Of Cloud

10 Types Of Cloud »

Machine Data

The common types of machine data.

7 Types of Machine Data

7 Types of Machine Data »

Types Of Software

The common types of software.

20 Types Of Software

20 Types Of Software »

81 Examples of Software »

70 Examples of Software Products »

Proprietary Technology

A definition of proprietary technology with examples.

5 Examples of Proprietary Technology

5 Examples of Proprietary Technology »

Systems Design

The common elements of a systems design.

13 Elements of Systems Design

13 Elements of Systems Design »

Systems vs Applications

The difference between systems and applications explained.

Systems vs Applications

Systems vs Applications »

Trending

The most popular articles on Simplicable in the past day.

22 Examples of Qualitative Data

22 Examples of Qualitative Data

A definition of qualitative data with examples.

Algorithms Guide

Algorithms Guide

A few types of algorithms.

Cryptography: Salt vs Pepper

Cryptography: Salt vs Pepper

The difference between cryptographic salt and pepper.

3 Examples of Unsupervised Learning

3 Examples of Unsupervised Learning

A definition of unsupervised learning with a few examples.

New Articles

Recent posts or updates on Simplicable.

IT vs ICT

The difference between IT and ICT.

44 Examples of Computing Platforms

44 Examples of Computing Platforms

A list of the basic types of computing platform.

Systems vs Software

Systems vs Software

The difference between systems and software.

Security Event vs Security Incident

Security Event vs Security Incident

The difference between a information security event and an incident.

Site Map

© 2010-2023 Simplicable. All Rights Reserved. Reproduction of materials found on this site, in any form, without explicit permission is prohibited.

View credits & copyrights or citation information for this page.

Home About Privacy Policy Cookies Terms of Use Contact Us Search

Cookies help us deliver our services. You have choices regarding these cookies. Please visit our privacy policy, cookie policy and consent tool to learn more.

Copyright 2002-2023 Simplicable. All rights reserved. This material may not be published, broadcast, rewritten, redistributed or translated. Report violations here.