
Sucuri Blog

Website Security News


Accounting for Defense in Depth in Website Security

October 19, 2016 | Tony Perez


In the field of Information Security (InfoSec) we like to use the phrase defense in depth. Like many things, it is a borrowed term with roots dating back millennia (216 B.C. – the Second Punic War). It refers to tactics employed by militaries around the world in which they would deploy layers of defenses designed to impede an attacker’s progress, forcing them to exert and exhaust available resources, in turn making them susceptible to counter-attack.

Beaumaris Castle, 1295. Early employment of a Defense in Depth strategy.

Defense in depth is a concept that can be used to build a strategy designed to identify, mitigate, and eradicate cyber attacks. It’s used across a number of domains and can also be employed in website security.

To appreciate this ideology, you have to subscribe to a very simple principle: There is no 100% complete solution capable of protecting any environment.

Website Security

When we talk about website security, like any other InfoSec domain, we view security holistically. Using a defense in depth strategy facilitates this process. A good defense in depth strategy not only looks at the depth of the defensive controls but also takes into consideration the breadth of the attack surface and the differing tools across the stack. This approach gives you a more accurate picture of today’s threat landscape. It clearly illustrates that the problem extends well beyond the application or its extensible components.

[Figure: defense in depth and breadth]

An effective defense in depth strategy will look to implement complementary overlapping defensive controls (i.e. layered defenses) designed to identify and mitigate attacks.

Additionally, employing a defense in depth strategy is something that your organization must subscribe to. The tools you leverage, whether it be an application or cloud security solution, are but a means to an end. No single tool will provide your organization a complete defense in depth strategy. This is because security is more than any one tool, but rather a marriage between people, process, and technology.

[Figure: people, process, technology chart]

Lastly, it is imperative to understand the difference between a tool that employs defense in depth in its design and solution, versus the defense in depth strategy you must employ as an organization.

An example would be Sucuri’s product offering. Each of our tools is part of a layered defense strategy. These range from the cloud firewall, which looks to mitigate external attacks, to our monitors, which look for changes that are then sent to our Incident Response Team to remediate these security incidents.

While we boast the idea of employing a defense in depth strategy in the design of our offering, we can’t say it’s the only defense in depth strategy an organization will need. The strategy involves much more than our tools. Instead, we say that we are a complementary solution to your existing security posture and we encourage you to use any other tools you require to round out your defensive position.


Categories: Security Education, Website Security

Tags: Best Practices

About Tony Perez

Tony is the Head of Security Products at GoDaddy and Sucuri Co-Founder. His passion lies in educating and bringing awareness about online threats to business owners. His passions revolve around understanding the psychology of bad actors, the impacts and havoc hacks have on website owners, and thinking through the evolution of attacks. You can find his personal thoughts on security at perezbox.com and you can follow him on Twitter at @perezbox.


Comments

  1. Thomas Zickell

    October 21, 2016

    Happy to hear “There is no 100% complete solution capable of protecting any environment.”
    It is true & so many think otherwise.

  2. Thomas Zickell

    November 20, 2016

    I should have been more clear when I wrote this post. I believe Sucuri is as close to 100% as you can get. I know this because I am a customer of Sucuri, Incapsula, Armor/FireHost & CloudFlare (CloudFlare plans under $3000 are ineffective against most attacks).

    Sucuri is capable of offering levels equal to or better than Armor Complete & Armor Anywhere. To put that in perspective, Armor Anywhere is $2,000 a month minimum.
    Armor Complete is approximately $3,500; this is the base price.

    The ability to use Sucuri on the host of your choosing is an incredible benefit for agencies like mine who require unique setups for different clients. Sucuri has the ability to target many geographic locations. This is something more SEOs and anyone that cares about their site should focus on: the ability to serve content to the end-user with the fastest response time.

    Sucuri accomplishes this even if you’re on a server in the USA and targeting Brazil, for instance.

    Yes, it is true nothing is impregnable, and with new botnets and the IoT making it possible for super botnets, it is wonderful to know there is protection at a price anyone can afford.

    Sucuri’s capabilities are amazing and if you care about your website I would recommend signing up. I am saying this as a client, not because I am gaining anything from writing this but to help people.

    • Tony Perez

      November 20, 2016

      Thanks @tomzickell:disqus for stopping by and sharing the kind words. It’s a testament to what the whole team is working on.
