Analyst & Research Reports

O'Reilly Modern Defense in Depth

Issue link:

Contents of this Issue


Page 40 of 53

or through human expertise. Let's take a look at how these two solu‐ tions work, including the advantages and challenges of each so that you can figure out which is best for your organization. Method One The first method to obtain integration between the lines, is obtained by integrating the user interfaces (UIs) that provide access to all lines of defense. In most organizations, every technology in each line of defense comes with its own UI. This results in many different operating requirements, expertise, and expense. Most organizations today operate with dozens of UIs in their organizations. On the other hand, there are some promising steps being made in the cloud. For example, some cloud-based web application security vendors offer a fully integrated UI, from which all defensive lines can be accessed, monitored, controlled, configured, and supported —all from a single screen. An integrated UI is one of the first steps that should take place in a modern DiD approach to better web application security. Although integrating the UIs of the deployed security technologies is an advantage to the overall technology management, and it can give you the impression that the lines of defense are actually fully integrated "under the hood." Unfortunately, that's not always the case. The following is an example of what I mean by this: Organizations often receive tactical threat intelligence from external sources in the form of threat feeds, and an integrated UI can be used to help push those threat feeds to the various lines of defense. How‐ ever, one major challenge organizations face is that this is nearly always a manual process, and it does not always address the collec‐ tion and sharing of internally gained threat intelligence similar to the modern military. Also, it does not address automating configu‐ ration changes on one line of defense from the intelligence gained from another line. Let's look at different approaches. Method Two The next level of integration being achieved today is by way of human expertise. This concept currently holds a great deal of promise. This is beginning to be performed in various organiza‐ tions. For example, many of today's cloud-based web application security providers who offer the highest levels of security-as-a- How Integration Is Achieved Today | 31

Articles in this issue

view archives of Analyst & Research Reports - O'Reilly Modern Defense in Depth