Skip to main content

Security Architecture

Design and implement comprehensive security architectures that protect systems, data, and users through layered defense strategies, zero trust principles, and risk-based security controls.

When to Use

Use security architecture when:

  • Designing security for greenfield systems (new applications, cloud migrations)
  • Conducting security audits or risk assessments of existing systems
  • Implementing zero trust architecture across enterprise environments
  • Establishing security governance programs and compliance frameworks
  • Threat modeling applications, APIs, or microservices architectures
  • Selecting and mapping security controls to regulatory requirements (SOC 2, HIPAA, PCI DSS)
  • Designing cloud security architectures (AWS, GCP, Azure multi-account strategies)
  • Addressing supply chain security (SLSA framework, SBOM implementation)

Key Features

Defense in Depth (9 Layers):

  • Physical security, network perimeter, network segmentation, endpoint protection
  • Application layer security, data encryption, identity and access management
  • Behavioral analytics, security operations (SIEM, SOAR)

Zero Trust Architecture:

  • Continuous verification: Never trust, always verify
  • Least privilege access with just-in-time permissions
  • Assume breach: Design for compromise, limit blast radius
  • Micro-segmentation: Divide networks into small isolated zones

Threat Modeling Methodologies:

  • STRIDE: Threat identification for development teams
  • PASTA: Risk-centric analysis for enterprise risk management
  • DREAD: Risk scoring for prioritizing existing threats
  • Attack Trees: Visual threat analysis for security architecture reviews

Control Frameworks:

  • NIST Cybersecurity Framework 2.0: 6 core functions (GOVERN, IDENTIFY, PROTECT, DETECT, RESPOND, RECOVER)
  • CIS Critical Security Controls v8: 18 controls in 3 implementation groups
  • OWASP Top 10 Risk Mitigation: Map application security risks to architectural controls

Quick Start

# Zero Trust Architecture Components

Policy Engine: Centralized authorization decision point
Identity Provider (IdP): User/machine identity verification (Azure AD, Okta)
Device Posture Service: Device health checks (MDM, EDR integration)
Context/Risk Engine: Behavioral analytics, location, time, threat intelligence
Policy Enforcement Points: ZTNA gateways, API gateways enforcing decisions

STRIDE Threat Modeling Process:

  1. Model the system using data flow diagrams (DFDs)
  2. Identify threats by applying STRIDE to each component/data flow
    • Spoofing: Impersonation attacks → Mitigation: MFA, certificate validation
    • Tampering: Data modification → Mitigation: Encryption, digital signatures
    • Repudiation: Denying actions → Mitigation: Audit logs, non-repudiation
    • Information Disclosure: Data exposure → Mitigation: Encryption, access controls, DLP
    • Denial of Service: Unavailability → Mitigation: Rate limiting, DDoS protection
    • Elevation of Privilege: Gaining higher privileges → Mitigation: Least privilege, patching
  3. Document threats with STRIDE categories
  4. Prioritize threats using DREAD scoring or business impact
  5. Design mitigation controls

Cloud Security Architecture (AWS Example):

# Multi-Account Security Strategy
# Use AWS Organizations with:
# - Security OU (Security Account, Logging Account, Audit Account)
# - Workload OUs (Production, Non-Production)
# - Service Control Policies (SCPs) for guardrails

# Key AWS Security Services:
# IAM: AWS IAM, IAM Identity Center (SSO), Cognito
# Detection: GuardDuty, Security Hub, Detective
# Network: AWS WAF, Shield (DDoS), Network Firewall
# Data: KMS, Secrets Manager, Macie
# Compute: Systems Manager, Inspector

References