Lab 51
Secure Architecture

Defense in Depth

An attacker tries to reach patient data through layers: WAF, gateway auth, service authorization, network isolation, DB permissions, encryption. Toggle layers on and off and watch how far the attack gets when one fails.

An attacker is heading for the patient data. Toggle security layers off (simulating failures or gaps) and launch the attack, then watch how far it gets before something stops it.

attacker → WAF → Gateway auth → Service authz → Network isolation → DB permissions → Encryption → Patient data

Turn off WAF and gateway auth and attack: service authz still stops it. Keep turning layers off one by one; only when the last one falls does the attacker reach the data.
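
The lab's toggle logic as a small model, added here as an example and not taken from the lab's own code. It assumes, as the hint above does, that any layer left on fully stops the attack; `run_attack` and `sweep` are names chosen for this sketch.

```python
from itertools import product

# Layer order as listed in the lab, outermost first.
LAYERS = ["WAF", "Gateway auth", "Service authz",
          "Network isolation", "DB permissions", "Encryption"]


def run_attack(disabled):
    """Walk the layers in order with the given ones switched off.

    Returns (stopped_by, passed): the first layer still on (None if the
    attacker reaches the patient data) and the layers passed on the way.
    """
    unknown = set(disabled) - set(LAYERS)
    if unknown:
        raise ValueError(f"unknown layer(s): {sorted(unknown)}")
    passed = []
    for layer in LAYERS:
        if layer not in disabled:
            return layer, passed      # assumption: an enabled layer always blocks
        passed.append(layer)
    return None, passed               # every layer was off: data reached


def sweep():
    """Try every on/off combination and tally which layer does the stopping."""
    tally = {layer: 0 for layer in LAYERS}
    breaches = 0
    for states in product([True, False], repeat=len(LAYERS)):
        disabled = {name for name, on in zip(LAYERS, states) if not on}
        stopped_by, _ = run_attack(disabled)
        if stopped_by is None:
            breaches += 1
        else:
            tally[stopped_by] += 1
    return tally, breaches


if __name__ == "__main__":
    # The scenario from the hint: WAF and gateway auth are both off.
    print(run_attack({"WAF", "Gateway auth"}))
    tally, breaches = sweep()
    for layer, count in tally.items():
        print(f"{layer:18} stops {count:2} of 64 combinations")
    print(f"data reached in {breaches} of 64 combinations")
```

The tally also shows how rarely the inner layers are exercised in this model, which is why a misconfigured inner layer can go unnoticed until the outer ones fail.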

What just happened