3 minute read time.
The need for Defense in Depth strategies, DiD's, are becoming more commonplace not only internally across global companies but also now span across different industries in different DiDs flavours. They allow the organisational units of the distant past AD Domain's to be refined into required business units, such as the GPO's.


Microsoft's AD structure gave holistic options with domain activities on an operational level, it also by its own existence, identified gaps in domains that were not really focusing on business goals. Over the years, the gaps were patched, filled, taped and or glued, but in most cases the logged-discoursed gave the need for a new breed of monitoring technology. Provided you had none of the mentioned gaps, SIEM platforms for example, enabled you to take any vendor logic to better feed its activity into your domains business goals.


Millennium logic technologies provided the start of postural thinking, which now refines itself in most IT Departments, or at least enhancement of monitoring activities like SIEM platforms.


Whilst security breaches are not a new concept within corporate estates, technology standardisation allowed the rules of technology operation to be changed,  which why Defense in Depth is now an important concept that can be used to determine which users own critical data and mechanisms outside the enterprise estate that can use called on.


DiDs, allow you to think posture across an entire estate, it helps you define the ambiguity into its business goal.  Industry required standardisation provided simplification of TCP based networks, which in itself, now increased the need for DiDs.

Edge technologies allowed operational efficiency such as SSL termination, load balancing, installing Waf modules, but none of these edge technology now provide a one method of security, which might have been the case for the millennium technologies. Clearly, DiDs is a refining methodology that is here to stay, especially as its use becomes more common.


DiDs as an unstructured method, can take into consideration pre millennium methods such as authentication methods, auditing functions and internal CIA activities such as logging. So how does Dids enhance known technologies? normalisation of tables is no longer a mystical concept, without even knowing the schema you can determine table headers ( SQL Injection ),  ISO TCP protocols are well document and still being enhanced ( poodle ) or even applications and their platform, android, IoS or Java ( Waf ) are now known entities and its more easier, in fact, also, easier to automate any Owasp concern and compromise any legacy CIA efforts to protect critical enterprise data.


Fortunately, for the security industry, flow based SIEM platforms like Qradar, whose original focus of flows, still, match to this day, the unison of a properly deployed millennium AD Domain, using its SIEM capabilities as a value add enhancement. So across the vendor generation life cycles, Dids can be considered a safe concept, its application is not defined straight out the box, in fact, only the business does.


For businesses that are now Mobile, Store and Online, Dids enables a strong level of comfort thinking and combining that with security postural awareness of business platforms, enables a stronger approach to enhancing any CIA activities your organisation has in place, for example DiDs would allow you to take IBM's Criminal Detection system and position it to compliment your WAF product, ensuring the security policy around critical data is driven by your business needs rather than industry alerts.


Whether its ATM Fraud, IoT or connectivity of things, Cybercrime as a service, Smart Cities or cars - Did's is one method to take into account. Did is the thinking component that enables the holistic enablement use of vendor technology - Of course, this is all assuming you have gaps!