Join Kevin Skoglund for an in-depth discussion in this video, Defense in depth, part of Foundations of Programming: Web Security.
The next core security principle that we'll talk about is defense in depth. When you go skydiving you don't just take one parachute. You take a second, backup parachute. And that's what defense in depth essentially means, is having an extra parachute for yourself. It's another way of saying that you have layered defenses. Originally defense in depth was a military term. The idea is to slow the advance of an attacker because over time an attack loses momentum, and therefore it's not as effective.
Imagine positioning an army at the top of a hill. Now forget about any advantages that might come from just being higher up on the hill. If an attacker's going to attack you at the top of that hill, they've got to come up the hill. And by the time the attacker gets to the top of the hill they're going to be exhausted, and then they have to fight you. It's a layered defense, where the slope of the hill is part of your defenses. When we're talking about computers, we're talking about redundant security. There are three main areas that you'll want to focus on for defense in depth.…
This course is great for developers who want to secure their clients' websites, and for anyone else who wants to learn more about web security.
- Why security matters
- What is a hacker?
- How to write a security policy
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Session hijacking and fixation
- Passwords and encryption
- Secure credit card payments
Skill Level: Beginner
1. Security Overview
2. General Security Principles
3. Filtering Input, Controlling Output
4. The Most Common Attacks
5. Encryption and User Authentication
6. Other Areas of Concern