From the course: Programming Foundations: Web Security
Security through obscurity
- Security through obscurity is our next core security principle. It has a nice rhyme to it. It means that it's more secure to withhold or obscure information 'cause information is valuable to an attacker. Learning new information benefits an attacker. It never benefits a defender. Therefore, the less information you give out, the better. Information should be kept on a need-to-know basis. It's similar to the principle of least privilege that we saw earlier. Give out the least amount of information necessary to complete the job. Most Hollywood heist films have a scene where the heroes perform some reconnaissance on their target. They watch the outside of the building through binoculars. They wait patiently as key personnel come and go so they can create a schedule of their daily routine. They photograph the security guards. They make maps and note the locations of security cameras. When hackers perform reconnaissance…