Resolver employs a “Defense in Depth” approach to security. The concept is not new; it is an age-old military strategy adapted to gain information assurance in today’s open access networked environments in shared Cloud platforms.
The “Defense in Depth” approach means the use of all available security mechanisms in the different layers of the application deployment infrastructure to minimize potential attack vectors by creating multiple layers of protection in case one mechanism fails.
It relies on the intelligent application of techniques and technologies that exist today. The strategy recommends a balance between protection capabilities, efficiency and cost, performance and operational considerations.
As Resolver uses Amazon Web Services (AWS) hosting and deploys production environments using the AWS Virtual Private Cloud (VPC) service, we heavily leverage AWS security features.
Network Level Security Controls (Layer 3 & 4 of OSI model):
Application (HTTP/HTTPS) Level Security Controls (Layer 7 of OSI Model):
OS Infrastructure Level Security Controls (Layer 4/5/6/7 of OSI Model)