From the course: Practical Secure by Design: Threat Modeling to Build Resilient Products


Defense in depth

- [Instructor] Until this point, we have talked about secure defaults, minimizing attack surface, and the principle of least privilege. Now that you have implemented these design principles, the next important step is to understand defense in depth. Defense in depth talks about the independent layers that are required to protect your application, product, or infrastructure against attackers. What is defense in depth? It talks about building multiple, independent layers of security controls. Multiple layers are required because if one layer fails, then you have another layer protecting your application and assets from the attackers. Please remember, defense in depth is not a fix for a security vulnerability. Often when there are vulnerabilities identified, instead of fixing vulnerabilities, engineers and product teams try to come up with defense in depth and assume that the vulnerabilities get fixed automatically. That's not…
