The Vulnerability History Project
Warning: Our website does not support Internet Explorer, please use Edge instead.
Is this vulnerability an example of **defense in depth**?
Defense in Depth is a principle of cybersecurity that states that security mitigations need to exsist throughout the system, not just in single layers.
Think of Defense in Depth like a medieval castle in England. Those castles were designed with defense in mind, adding some sort of defense at each layer. First there are hills and cliffs to scale, then a moat, multiple walls, and all types of defenses throughout. Even the final spiral staircase up to the King's bedroom will rotate in such a way that favors right-handed defenders at the top of the stairs.
Defense in Depth is a useful as an argument that, hard as we tried to secure the perimeter, we must assume that attackers got through and so we must focus on securing inner layers too.
We're sorry, we had trouble loading the data...
Don't just think about code complexity, think about *input* complexity.