Fundamental Security Principles

There are eight fundamental security principles. These principles are the basis for all security defenses. Attacks developed in the future may evolve, but these guiding principles will always be the foundation for preventing them.

1. Never trust users
2. Least privilege
3. Simple is more secure
4. Expect the unexpected
5. Defense in depth
6. Security through obscurity
7. Prefer whitelisting over blacklisting
8. Map data movement and exposure