Defense in Depth

TECHNICAL DEFINITION

Defense in Depth is a robust cybersecurity architecture strategy that deploys redundant, layered security controls across an organization's IT infrastructure, encompassing physical, technical, and administrative safeguards, to establish a resilient defense against sophisticated cyber threats and reduce the impact of single-point-of-failure vulnerabilities.

BACKGROUND

Defense in depth is a concept used in information security in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited.

SYNONYMS & ALIASES

• Layered Security
• Multi-layered Defense
• Tiered Security
• Onion Model
• Redundant Security

USAGE NOTE

It's a fundamental principle in cybersecurity architecture, often implemented across networks, applications, and data to enhance overall resilience.

DEVELOPERS

Organizations developing technology related to Defense in Depth.

• Cisco

  Cisco provides a comprehensive portfolio of security products and solutions, including network security (firewalls, IPS), endpoint security, cloud security, and advanced malware protection, all of which are essential components for implementing a multi-layered defense-in-depth strategy.

• Palo Alto Networks

  Palo Alto Networks offers a security platform that integrates next-generation firewalls, cloud security, endpoint protection, and security analytics, enabling organizations to build robust, multi-layered defenses against sophisticated cyber threats.

• Fortinet

  Fortinet develops and markets cybersecurity software, appliances, and services, such as firewalls, antivirus, intrusion prevention, and endpoint security. Their Fortinet Security Fabric approach focuses on integrating various security elements for a comprehensive defense-in-depth architecture.

• Microsoft

  Microsoft provides extensive cybersecurity capabilities across its cloud services (Azure Security), operating systems (Windows Defender), and enterprise solutions (Microsoft 365 Security), offering a wide array of tools for identity, endpoint, data, and cloud protection to support a defense-in-depth model.

• CrowdStrike

  CrowdStrike is a leader in cloud-delivered endpoint and workload protection, threat intelligence, and security operations. Their Falcon platform offers multiple layers of defense, including anti-malware, endpoint detection and response (EDR), and managed threat hunting services, crucial for modern defense-in-depth.

• Trellix

  Trellix (formed from the merger of McAfee Enterprise and FireEye Products) offers an extensive portfolio covering endpoint, network, and cloud security, with a strong focus on Extended Detection and Response (XDR) which integrates multiple security technologies to provide a stronger, more layered defense.

• Lockheed Martin

  As a major defense contractor, Lockheed Martin develops advanced cybersecurity solutions and technologies for government agencies and critical infrastructure, employing sophisticated defense-in-depth strategies to protect highly sensitive systems and national security assets.

• Tenable

  Tenable specializes in vulnerability management and attack surface management. By providing comprehensive visibility into an organization's security posture and identifying weaknesses across various layers, Tenable helps fortify and optimize an existing defense-in-depth strategy.