Believe it or not, defense in depth has its foundation (no pun intended) in medieval times. Back then, the term referred to the use of multiple mechanisms incorporated to protect the royal treasure: if one mechanism failed, another was in place to defend against the attack.
Similarly, the term is also used by the military to describe a strategy for delaying the advance of an attacker. Rather than concentrating all available manpower in a single strong line of defense, this approach slows the attacker's advance, buying enough time to wear them down. That leaves them vulnerable to counterattack and, ultimately, to defeat.
Defense in depth for cyber security takes the best of both scenarios and applies them to approaches that include guidance for controls (military strategy) as well as hardware and software solutions (castle walls). Defense-in-depth strategy elements contain approaches intended to stop and/or slow an attacker's efforts. The defensive mechanisms are layered to protect valuable data and information; they act as obstacles that hinder the progress of a threat, slowly wearing it down, until either it ceases to be a threat or additional resources can pitch in to help eliminate it.
Castle defenses: The castle's main gate is protected by an army of soldiers and surrounded on all sides by a large fence. Cyber attacker mindset: The front door is heavily guarded, so we will have to find another way in. The defenders are confident in the defenses around the gate; the castle does not consider other ways of getting in, including:
Because there is no single method that can successfully protect against every type of attack, companies employ a defense-in-depth architecture to better protect IT resources. Implementing a collection of security solutions increases the security of the system as a whole and addresses many different attack vectors. This coordinated use of multiple security countermeasures also includes how a team monitors, is alerted to, and responds to threats. That way, damage avoidance or mitigation that cannot be handled by purely technological measures can be enacted before the full effects of a threat are realized.
Using an advanced adversary simulation to test a company's defenses helps determine whether security strategies are set up properly to identify emerging threats and warn teams. If a company chooses to rely on a single security layer, an attacker will quickly pivot around that protected area to another area that is wide open and full of vulnerabilities. By combining firewalls, malware scanning, data encryption and integrity auditing solutions, and intrusion detection systems, companies close gaps that would otherwise be left exposed by the use of a single security layer.
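Integrity auditing is one of the layers named above, and it is the kind of layer that still catches an intruder who has already slipped past a perimeter control, because tampering with configuration or dropping a persistence script leaves filesystem artifacts. The following Python block is an added example, not code from the original article or from any product it mentions. It builds a SHA-256 baseline of a directory tree, signs the baseline with an HMAC key (assumed to be stored off the monitored host), and on the next audit reports modified, added and removed files; it also refuses a baseline whose signature does not verify, so an attacker cannot simply re-baseline after making changes. The directory, file names and key are constructed for the demo.

```python
"""Integrity-audit layer: detect host file changes against a keyed baseline.

Added example (not from the original page). The key, directory layout and
file contents below are constructed for the demonstration.
"""
import hashlib
import hmac
import json
import os
import shutil
import tempfile


def sha256_file(path):
    """Stream a file through SHA-256 so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root):
    """Map each file below root (relative, '/'-separated) to its SHA-256 digest."""
    baseline = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = sha256_file(full)
    return baseline


def sign_baseline(baseline, key):
    """Attach an HMAC-SHA256 over the canonical JSON form of the baseline.

    Without the key an attacker who edits files cannot produce a fresh,
    valid-looking baseline that hides the edits.
    """
    body = json.dumps(baseline, sort_keys=True).encode()
    return {"baseline": baseline,
            "hmac": hmac.new(key, body, hashlib.sha256).hexdigest()}


def verify_baseline(signed, key):
    """Constant-time check that the stored HMAC matches the stored baseline."""
    body = json.dumps(signed["baseline"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, signed["hmac"])


def audit(root, signed, key):
    """Compare the live tree with a signed baseline and return the findings."""
    if not verify_baseline(signed, key):
        # A forged or edited baseline is itself an indicator of compromise.
        return {"baseline_tampered": True, "modified": [], "added": [], "removed": []}
    current = build_baseline(root)
    old = signed["baseline"]
    return {
        "baseline_tampered": False,
        "modified": sorted(p for p in old if p in current and current[p] != old[p]),
        "added": sorted(p for p in current if p not in old),
        "removed": sorted(p for p in old if p not in current),
    }


def demo():
    """Constructed scenario: baseline a toy host, then simulate post-compromise changes."""
    key = b"demo-key-kept-off-the-monitored-host"  # hypothetical key for the demo
    root = tempfile.mkdtemp()
    try:
        etc = os.path.join(root, "etc")
        os.makedirs(etc)
        with open(os.path.join(etc, "sshd_config"), "w") as fh:
            fh.write("PermitRootLogin no\n")
        with open(os.path.join(etc, "crontab"), "w") as fh:
            fh.write("# nothing scheduled\n")
        signed = sign_baseline(build_baseline(root), key)

        # Simulated intruder: weakens sshd, drops a persistence hook, removes a file.
        with open(os.path.join(etc, "sshd_config"), "w") as fh:
            fh.write("PermitRootLogin yes\n")
        with open(os.path.join(etc, "rc.local"), "w") as fh:
            fh.write("/tmp/.x &\n")
        os.remove(os.path.join(etc, "crontab"))
        findings = audit(root, signed, key)

        # Simulated cover-up: re-baseline the tampered tree but reuse the old tag.
        forged = {"baseline": build_baseline(root), "hmac": signed["hmac"]}
        forged_findings = audit(root, forged, key)
        return findings, forged_findings
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    real, forged = demo()
    print("audit:", real)
    print("forged baseline accepted?", not forged["baseline_tampered"])
```

Running the block reports `etc/sshd_config` as modified, `etc/rc.local` as added and `etc/crontab` as removed, and flags the forged baseline as tampered. On a real host the baseline and key would live on a separate system or a write-once store, and the audit would run from a scheduler the attacker does not control; the point is that even a full bypass of the antivirus layer does not remove the artifacts this layer keys on.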
Q: What are some ways you can help keep attackers off of your on-prem/cloud network?
Brian: So to keep the attackers at bay and keep them out of the cloud and on-premise networks, you really need a good defense strategy, and depth. You know, don't just rely on that one or two tools and think that they're going to be everything. A good attacker is going to do their homework on you first. They're going to do lots of enumeration to figure out what type of defenses you may have in place, to see if there are bypasses or something they can develop to bypass them. So you need to have a holistic view: alright, given where I am right now, here's my internal network, here's my cloud network, and here's how they all communicate; where are my largest areas of weakness? Now that I know where my biggest weaknesses are, how can I put something in place to detect if someone is aiming for that weakness, or for that vulnerable soft area in either the cloud network or the on-premise network? And have defense in depth, so that even if we bypass the antivirus program, there are plenty of artifacts that we leave behind as attackers that still allow you to find us and hopefully stop us, or find the real attacker and stop them before they do ransomware or whatever it is they're trying to accomplish.
Q: Why do so many organizations fail to notice that an attacker got into their network?
Brian: One of the reasons companies may think that they're protected when they put all this investment in, and attackers are still getting in; we see it in the news every day. These companies that were breached are investing in security. Their job is to oversee security, but oftentimes this is one of those things where you have to have the attacker mindset, or, as I mentioned earlier: if the only way you think to get into a building is through a door, you're going to put all your security around the doors and not realize that people can go through windows. The same is true for a company's internal network or cloud network. If you think the only way into the internal network is through the VPN or this cloud access security broker, and you put all of your attention, all of your awareness and focus, on those things, you forget that the bad guys think about multiple different vectors, and they're going to go in through the side entrance to get into your network, or they're going to go through some legacy system that you'd forgotten about.