Book Description
Despite deploying the latest security technologies, organizations still struggle to defend cloud-based web applications against sophisticated cyberattacks. Many companies have turned to the popular defense-in-depth (DiD) technique, but this multilayered approach has its shortcomings. So where is the industry headed next? This insightful ebook demonstrates a new approach to DiD that enables current security tools to operate in concert rather than independently.
Stephen Gates, edge security evangelist and SME at Oracle Dyn, shows you how companies can establish integrated lines of defense similar to the way in which modern militaries operate on the battlefield. By the end of this book, CSOs, CISOs, security managers, and other professionals will understand how to implement the recommendations in this book today using the security technologies they already have in place.
With this ebook, you’ll examine:
- Why today’s security technologies alone aren’t enough to protect web applications
- How the existing approach to DiD for cybersecurity falls short of its goals
- An example of how the modern military uses integrated lines of defense that work in concert
- Eight lines of defense—including edge routers, DDoS defenses, and WAFs—that are best for protecting cloud-based web applications
- Ways to use automation and supervised machine learning to integrate your security approaches
Table of Contents
- Preface
-
1. What’s Not Working, and Why?
- Expense and Complexity of Solutions
- Attackers Understand How Security Technologies Work
- This Approach Is Not Adequately Protecting Internal Users
- This Approach Is Not Adequately Protecting Internet-Facing Web Applications
- Noise, Noise, and Even More Noise
- Integration Is What’s Missing with This Approach
- Conclusion
- 2. Learning from Military Defense
- 3. Cloud-Based Lines of Defense for Web Application Security
- 4. How to Achieve the Integrated Approach
- 5. The Future of Defense in Depth