A strategy of layering multiple, independent security controls so that if one fails, others still protect the asset.
Defense in depth assumes no single control is perfect. By stacking layers, such as network, endpoint, application, and data controls, it ensures that the failure of one does not expose the asset directly.
The approach buys time and raises the cost for an attacker, who must defeat several distinct barriers rather than a single point of protection.
KaitoSec