After World War I, the French erected a famous border defense that was hailed as a military marvel. It was quickly rendered useless by new blitzkrieg-style warfare and its failure ultimately resulted in the allied evacuation of Dunkirk. Military strategy has since that time employed a concept of Defense in Depth.
Some proponents would argue that a defense in depth is a delaying strategy whereby you yield slowly to the enemy rather than head on engagement.
In the world of computing – A defense in depth is a layer of security controls, defenses and protections. We like to see different technologies, different vendors, and different algorithms as we continually work to protect your environments. We don’t just install antivirus software and hope for the best.
In addition to backups, firewalls, cloud based heuristics, antivirus active protection, antiviral global data exchange, DNS sanitizing, we have recently added new tools and processes that do breach detection – essentially allowing us to know when something has bypassed all the layers of security.
An example of what we have been to be able to detect is a type of malware called fileless malware. Its very difficult to detect since it uses tools that are required by and built-in to Windows. These are hijacked by adversaries and used to carry out attacks. Essentially, Windows is turned against itself. There is no payload or software that is installed.
In a recent incident we found that an executive’s laptop which had been outside of our controlled environment had been compromised by a breach leaving behind no additional software or any other trace – except the fileless malware that we were able to identify and neutralize. Left untreated their passwords and data would have been compromised allowing ongoing access for the attackers.
We will continue to improve our security posture and depth of defense as we work 24×7 to protect our clients networks and business operations!