defense-in-depth
Safeguard articles tagged "defense-in-depth" — guides, analysis, and best practices for software supply chain and application security.
9 articles
Defense-in-depth for a modern cloud-native application stack
Log4Shell and the XZ backdoor were caught two different ways — one by patching, one by a developer noticing 500ms of extra SSH latency. Neither alone is a strategy.
What Is Defense in Depth in Security?
Defense in depth is a layered security strategy that assumes any single control will eventually fail, so it stacks independent safeguards to slow and stop attackers. Here's how the model works and how it maps to the software supply chain.
Prompt-injection vectors specific to MCP servers and how to layer defenses
MCP servers expose three distinct prompt-injection surfaces — resource contents, tool outputs, and sampling requests — and each one needs its own defense layer. Here is how to think about them together.
What Is a Security Control?
A security control is a safeguard that prevents, detects, or responds to threats to reduce risk. Learn the types, categories, and how frameworks organize them.
What Is Security Hardening?
Security hardening reduces a system's attack surface by removing what it does not need and configuring the rest safely. Learn the principles, benchmarks, and how to apply it.
Prompt Injection Defense Architectures in 2026
Prompt injection remains the LLM01 entry on the OWASP LLM Top 10 for a reason. A pragmatic look at the defense architectures that hold up in production this year.
What is Defense in Depth
Defense in depth stacks independent security layers—source, build, dependencies, artifacts, runtime—so no single failure causes a breach.
WAF Bypass Techniques and What They Mean for Supply Chain Security
Web Application Firewalls are a critical defense layer, but they are routinely bypassed. Understanding bypass techniques helps you build defense in depth rather than relying on a single control.
Defense in Depth for the Software Supply Chain
No single control stops supply chain attacks. Defense in depth — layered controls across the entire software lifecycle — is the only strategy that works against sophisticated adversaries.