A look at defence in depth

Kenneth Bechtel, Team Anti-Virus


In the past I wrote a paper for the Secure Focus website on defence in depth. In that paper, the corporation was divided into 'zones'. This paper was referenced and leveraged in the Team Anti-Virus 'ABCs of Corporate Malware Protection Handbook', and integrated into the AVIEN corporate protection book published in August 2007.

With this paper we hope to answer the following questions: are the zones and presumptions that were identified still valid? What are new factors and variables that need to be integrated in the defence in depth model?

By reviewing and challenging existing perceptions, we will discuss what modifications need to be made to meet current threats. This concept will not be limited to putting scanners at choke points and desktops, but will include things like PMDF and website blocks, and other generic protective mechanisms. By looking at the mechanisms the malware authors use, and comparing them to defensive countermeasures put in place, I hope to be able to put in writing the current concept of best practices for a defence in depth model that can be communicated and implemented by corporate practitioners.

