### Week 8: Defense-in-Depth

Understand the concept of defense-in-depth and how a layered approach to security is a core engineering practice.
- Learn about Security Principles: Understand the principles of "fail-safe" (a system that defaults to a safe state upon failure, e.g., a traffic light stuck on red) and "fail-secure" (a system that defaults to a secure/locked state upon failure, e.g., a server logging out all users if a security service fails).

Defense-in-Depth: Understand how a multi-layered security approach is stronger than relying on a single defense mechanism (e.g., using a firewall, an intrusion detection system, and user authentication together).

Diagram a hypothetical system and add multiple layers of security (e.g., a firewall, an intrusion detection system, and user authentication).

https://devguide.owasp.org/en/02-foundations/03-security-principles/#:~:text=block%20the%20exploit.-,Fail%20Safe,upon%20design%20or%20implementation%20flaws.

#### Fail-safe and Fail-secure

In cybersecurity, a "fail-safe" approach, also known as fail-safe defaults or fail-secure, is a design principle where a system's default configuration denies all access, requiring explicit permission for anything to be allowed. If the system encounters an error or failure, it should revert to this secure state, restricting access rather than leaving resources unprotected, thereby preserving confidentiality, integrity, and availability.

https://www.linkedin.com/pulse/understanding-principle-fail-safe-defaults-marc-degli-xgxcc/

Fail-safe = Unless a user is explicitly granted permission, access should be denied by default.
Having fail-safe defaults ensures that the server offers no alternative access paths, since such paths could open doors for attackers to exploit the system; denial-of-service (DoS) attacks are usually carried out this way.

Principle of least privilege: access should be granted only for a specific need, or only what is necessary, so that if an account is compromised the risk does not spill over into other areas of concern.

##### How Fail-Safe Works:
https://devguide.owasp.org/en/02-foundations/03-security-principles/#:~:text=block%20the%20exploit.-,Fail%20Safe,upon%20design%20or%20implementation%20flaws.

1. Deny by Default:
- Instead of denying access only to specific actions, the system starts with a restrictive stance, denying everything unless a rule specifically permits it.
2. Explicit Permissions:
- For access to be granted, explicit authorization must be provided. This is like using an "allowlist" (or whitelist) of permitted actions rather than a "denylist" (or blacklist) that blocks specific items.
3. Secure State During Failure:
- If a design or implementation flaw occurs, or an attack happens, the system will automatically fall into a secure state, restricting access instead of granting it.

Example: A new cloud storage folder being set to "private" by default ensures files aren't exposed until explicit sharing permissions are granted.
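The three points above as an added Python example (not code from these notes or from the linked sources): an allowlist check that denies by default and stays denied when the policy store fails, beside a denylist-style check that swallows the same error and fails open. The roles, actions, allowlist, denylist and the `PolicyUnavailable` error are all constructed for illustration.

```python
# Constructed sample data: an allowlist of (role, action) pairs and, for the
# anti-pattern, a denylist. Neither comes from the notes above.
ALLOWLIST = frozenset({
    ("admin", "read"), ("admin", "write"), ("admin", "delete"),
    ("analyst", "read"),
})
DENYLIST = frozenset({("guest", "delete")})


class PolicyUnavailable(Exception):
    """Simulates the policy store (database, IdP, config file) being down."""


def load_policy(policy, available):
    """Stand-in for a remote policy lookup; raises when the store is down."""
    if not available:
        raise PolicyUnavailable("policy store unreachable")
    return policy


def is_allowed_fail_closed(role, action, store_up=True):
    """Fail-safe default: start from deny, grant only on an explicit allowlist
    hit, and treat any failure to consult the policy as deny."""
    try:
        allowed = load_policy(ALLOWLIST, store_up)
    except PolicyUnavailable:
        return False  # secure state during failure
    return (role, action) in allowed


def is_allowed_fail_open(role, action, store_up=True):
    """Anti-pattern: denylist with the error swallowed. Anything not named in
    the denylist passes, and a store outage empties the denylist entirely."""
    try:
        blocked = load_policy(DENYLIST, store_up)
    except PolicyUnavailable:
        blocked = frozenset()  # outage silently removes every restriction
    return (role, action) not in blocked


def compare(role, action, store_up=True):
    """Return (fail_closed_decision, fail_open_decision) for one request."""
    return (is_allowed_fail_closed(role, action, store_up),
            is_allowed_fail_open(role, action, store_up))


if __name__ == "__main__":
    for req in [("analyst", "read", True), ("analyst", "write", True),
                ("guest", "delete", False)]:
        print(req, "-> fail-closed / fail-open:", compare(*req))
```

The second and third requests show the two failure modes from the list: an unlisted action slipping through a denylist, and a store outage granting access that was explicitly forbidden.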


##### Why Fail-Safe is Important
1. Prevents Unauthorized Access:
- By defaulting to denial, it significantly reduces the chances of an attacker or unauthorized user gaining access to sensitive information or functions. 
2. Increases Security:
- Implementing fail-safe defaults makes security a core part of the system, rather than an afterthought.
3. Detects Flaws Faster:
- A design or implementation mistake that leads to access refusal is a "safe" failure that is quickly detected, according to Shostack + Associates. In contrast, a mistake that grants unintended access is often unnoticed. 
4. Core to Information Security:
- The principle aims to uphold the fundamental goals of information security: confidentiality (keeping information secret), integrity (ensuring information is accurate), and availability (making sure systems and data are accessible when needed).