What is Defense-in-Depth
Defense-in-depth, also known as ‘Simplicity-in-security’, is an information security strategy that provides multiple, redundant defensive measures in case a security control fails or vulnerabilities are exploited. It is used to reinforce end-user and network security. It proves the assumption that too many protection measures sometimes can lead to issues and gaps which attackers can take advantage of.
Defense-in-depth architecture is based on controls, which are aimed at the protection of various aspects of the network. These controls are physical, technical and administrative. Physical ones refer more to the security guards and companies. Technical controls include measures like tools to protect systems and resources by means of specific software (such as antivirus programs). Administrative controls contain procedures and policies concerning sensitive user data.
Among the measures, which are taken to prevent successful attacks, the following ones can be singled out:
- Access measures (include authentication controls, access time limits, VPN and the like).
- Workstation defenses (include protective software, such as anti-spam and antivirus programs).
- Data protection methods (include information at rest encryption, hashing, data transmission and encrypted backups).
- Perimeter defenses (include firewalls, intrusion detection and prevention systems).
- Measures to monitor and prevent network attacks (includes logging and auditing network activities, vulnerability scanners, sandboxing and security awareness training).
Defense-in-depth use cases
Defense-in-depth use cases fall into two huge parts, which are:
- User protection scenarios. It involves a wide combination of security options (WAF, anti-spam software, etc.) and training to block threats and critical data protection. The user’s network would be ensured against malware, application attacks (such as XSS or CSRF).
- Network security scenarios. A firewall is set up along with encryption of both the data flowing through the network and the data at rest. If an attacker manages to get through the firewall, the data would be secure. In another scenario, along with the firewall an Intrusion Protection system with experienced security operators is run and antivirus programs are deployed. In case an attacker manages to break through the installed firewall, the attack would be detected and stopped by the IPS. In case the attacker reaches the user’s computer and makes an attempt to install malicious software, the antivirus would detect and remove this malware.
Launched in 2019 and based in Dubai, SmartState is one of the leading DeFi security auditing firms. We conduct security tests and check the code core, smart contracts and blockchain for all types of errors, vulnerabilities and other issues.
Although SmartState gave a start to operations with smart contract auditing of DLT-projects, from the very beginning, we made our services surpass the classic purview of smart contract audit and security testing. We specialize in manual testing, so the SmartState’s tech team of white-hat security professionals measure up a project’s git and offer guidelines and recommendations for its further advancement. Security audit reports review the threats and vulnerabilities with which codebases may be exploited in the future, as the network achieves scalability and expands to accommodate more use cases and functionality.
Stay tuned and find more about us and what we provide on our: