Analyst & Research Reports

O'Reilly Modern Defense in Depth

Issue link: https://hub.dyn.com/i/1077963

Contents of this Issue

Navigation

Page 4 of 53

Table of Contents Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v 1. What's Not Working, and Why?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Expense and Complexity of Solutions 1 Attackers Understand How Security Technologies Work 2 This Approach Is Not Adequately Protecting Internal Users 3 This Approach Is Not Adequately Protecting Internet-Facing Web Applications 5 Noise, Noise, and Even More Noise 6 Integration Is What's Missing with This Approach 6 Conclusion 8 2. Learning from Military Defense. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Military Usage of Defense in Depth 11 Cybersecurity Usage of DiD 13 Conclusion 14 3. Cloud-Based Lines of Defense for Web Application Security. . . . . . . 15 Defensive Line 1: Edge Routers 15 Defensive Line 2: DDoS Defenses 16 Defensive Line 3: DNS 17 Defensive Line 4: Reverse Proxies 19 Defensive Line 5: Bot Management 20 Defensive Line 6: Web Application Firewalls 21 Defensive Line 7: API Defenses 24 Defensive Line 8: Caching 25 Conclusion 26 iii

Articles in this issue

view archives of Analyst & Research Reports - O'Reilly Modern Defense in Depth