Chapter 1. What’s Not Working, and Why?
To defend your users and the public-facing web applications deployed in your data centers, you need to understand what’s not working, and why. We discuss the expense and complexity of available solutions, what attackers know and understand, the deficiencies seen in both user and web application protection, a major noise problem, and, finally, why attackers are so successful.
Expense and Complexity of Solutions
For nearly two decades, organizations have taken the multivendor approach suggested by industry experts, deploying independent lines of defense that operate autonomously in nearly every case. Unfortunately, most of these technologies are designed to solve only a single problem, and they are often only marginally deployed, which makes them expensive and ineffective.
For example, to combat cyberthreats targeting users today, it has become common practice to deploy independent lines of defense between users and the internet. These include next-generation firewalls, advanced intrusion prevention systems, network access control, and endpoint malware protection. Data loss prevention systems, sandboxes, identity and access management systems, automated patching solutions, security information and event management solutions, and so on are often deployed around the periphery of the networks that provide the users’ connectivity.
In addition, many of the security technologies ...