Key Takeaways
- Defense in depth is foundational
- Threat modeling drives design decisions
- Frameworks provide structure (SABSA, TOGAF)
- Security by design not bolted on
1. Security Architecture Overview
Security architecture is the discipline of designing systems with security built in from the start. It bridges business requirements, risk management, and technical implementation.
2. Core Design Principles
- Defense in depth: Multiple security layers
- Least privilege: Minimum necessary permissions
- Fail secure: Default to deny on errors
- Separation of duties: No single point of compromise
- Minimize attack surface: Reduce exposure
- Simple is more secure: Complexity breeds vulnerabilities
3. Architecture Frameworks
- SABSA: Business-driven enterprise security architecture
- TOGAF: Enterprise architecture with security
- NIST CSF: Identify, Protect, Detect, Respond, Recover
- CIS Controls: Prioritized security actions
- Zero Trust: Never trust, always verify
4. Threat Modeling
STRIDE methodology:
- S: Spoofing (identity)
- T: Tampering (data)
- R: Repudiation (actions)
- I: Information disclosure
- D: Denial of service
- E: Elevation of privilege
Process:
1. Decompose the system (data flow diagrams)
2. Identify threats (STRIDE per element)
3. Rank threats (DREAD or risk matrix)
4. Determine mitigations
5. Validate mitigations
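Steps 2 and 3 of the process above, worked through in code. This is an added example, not part of the original page: it applies the usual STRIDE-per-element mapping to a small data flow diagram, scores threats with DREAD, and reports unscored threats instead of dropping them. The four-element login-service model and all scores are constructed for illustration.

```python
from dataclasses import dataclass, field

# STRIDE categories that apply to each data-flow-diagram element type
# (the usual STRIDE-per-element mapping used in Microsoft-style threat modeling).
STRIDE_PER_ELEMENT = {"external_entity": "SR", "process": "STRIDE",
                      "data_store": "TRID", "data_flow": "TID"}
STRIDE_NAMES = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
                "I": "Information disclosure", "D": "Denial of service",
                "E": "Elevation of privilege"}

@dataclass
class Element:
    name: str
    kind: str  # one of the STRIDE_PER_ELEMENT keys
    # DREAD scores per STRIDE letter: (Damage, Reproducibility, Exploitability,
    # Affected users, Discoverability), each 1-10. Letters left out stay open.
    dread: dict = field(default_factory=dict)

def identify_threats(elements):
    """Step 2: one candidate threat per (element, applicable STRIDE category)."""
    return [(el.name, letter) for el in elements
            for letter in STRIDE_PER_ELEMENT[el.kind]]

def dread_score(scores):
    """Step 3: DREAD risk as the mean of the five 1-10 scores."""
    if len(scores) != 5 or not all(1 <= s <= 10 for s in scores):
        raise ValueError("DREAD needs exactly five scores in 1..10")
    return sum(scores) / 5

def rank_threats(elements):
    """Return (scored threats, highest risk first) and (threats still unscored);
    unscored threats are reported, not dropped, so none found in step 2 is lost."""
    by_name = {el.name: el for el in elements}
    ranked, unscored = [], []
    for name, letter in identify_threats(elements):
        scores = by_name[name].dread.get(letter)
        if scores is None:
            unscored.append((name, STRIDE_NAMES[letter]))
        else:
            ranked.append((dread_score(scores), name, STRIDE_NAMES[letter]))
    ranked.sort(reverse=True)
    return ranked, unscored

# Constructed four-element DFD of a login service; all scores are illustrative.
MODEL = [
    Element("Browser", "external_entity", {"S": (8, 9, 7, 9, 8)}),
    Element("Auth API", "process", {"E": (10, 5, 4, 10, 6), "D": (6, 9, 8, 9, 9)}),
    Element("User DB", "data_store", {"I": (10, 6, 5, 10, 5)}),
    Element("Login request", "data_flow", {"T": (7, 6, 5, 8, 6)}),
]
```

Running `rank_threats(MODEL)` yields 5 scored threats and 10 still-open ones out of the 15 enumerated; the open list is the input to step 4.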
5. Security Design Patterns
Common patterns:
- Gateway/proxy pattern (API gateway, WAF)
- Segmentation (network zones, microsegmentation)
- Broker pattern (credential vaulting)
- Observer pattern (SIEM, monitoring)
- Sandbox pattern (isolated execution)
Anti-patterns to avoid:
- Security through obscurity
- Hardcoded secrets
- Over-privileged services
- Single point of failure
6. Cloud Security Architecture
- Shared responsibility: Know your boundaries
- Landing zone: Secure baseline deployment
- Hub-and-spoke: Centralized network security
- Workload segmentation: VPCs, security groups
- Identity federation: Centralized auth
7. Architecture Review Process
- Understand business context and requirements
- Review system design and data flows
- Conduct threat modeling
- Assess against security requirements
- Identify gaps and recommendations
- Document findings and track remediation
8. Becoming a Security Architect
- 5-10 years security experience
- Strong technical foundation
- Certifications: CISSP, SABSA, TOGAF
- Communication and business skills
- Broad security domain knowledge
FAQ
What's the difference between security architect and engineer?
Architects design the blueprint and make strategic decisions. Engineers implement and build those designs. Architects focus on "what" and "why," engineers on "how."