| ▲ | __s 5 days ago | |
Defense in depth is a security best practice because adding shit to a mess is more feasible than maintaining a simple stack. "There are always systems you don't know about" reflects an environment where one person doesn't maintain everything | ||
| ▲ | fdw 5 days ago | parent | next [-] | |
No, defense in depth is a best practice because you assume that each layer can fall. It is more practical to have many layers that are very secure than to have one layer that has to be perfectly secure. | ||
| ▲ | yadaeno 5 days ago | parent | prev [-] | |
I think you are confusing “security through obscurity” and “defense in depth”. You can add layers of high quality simple systems to increase your overall security exponentially, think using a VPN behind TOR etc. | ||