Facebook Details the "Defense-in-Depth” Approach Used to Secure its Platform

[silversurfer]

Facebook revealed the "defense-in-depth" approach it uses to make sure that its platform and services are secure and to find, fix, and prevent security issues to reach live deployment and affect end users.

As described by Collin Greene, Facebook's Manager of Product Security, the social networks' development and security teams use a "layered" approach for bug prevention and patching.

Because bugs can later evolve into very serious security vulnerabilities would-be attackers could use to gain access to Facebook users' data, the social network giant's development workflow includes multiple measures designed to keep them in check.

Moreover, the Facebook defense-in-depth platform security approach uses five different bug filtering layers: secure frameworks, automated testing tools, peer and design reviews, red team exercises, and a bug bounty program.

"Designing Security for Billions"

Source: https://www.bleepingcomputer.com/news/se...-platform/