From: f.harster (f.harsterevc.net)
Date: Fri May 10 2002 - 03:46:45 CDT

    Interesting point.
    What would be your suggestion(s) to strengthen security in a production
    environment according to your experience?
    At the moment I mostly rely on redundant single defenses to slow down
    potential intrusion so that it gives me some precious extra time to
    react and isolate the LAN. However I can feel how weak and unsatisfying
    such a system is when uptime matters, since this "strategy" implies a
    rather long recovery time...

    cheers
    Fred

    Ray Parks wrote:

    > Just remember this aphorism - Depth without Breadth is useless.
    > We engaged in a series of experiments within the DARPA IA program in
    > which we proved that Defense in Depth is an over-rated concept. Layered
    > defenses can actually be weaker than single defenses because
    > administrators/developers think that another layer is providing the defense
    > they are ignoring. The results of these experiments were recorded in a
    > paper; unfortunately, I don't have a cite at this time.
    > Bottom line - we were able to get through layers of defense in depth
    > because we could attack each layer in a different way. This allowed
    > attacks to woogle through to the goal despite multiple layers of defense.