Defence in depth for B2B SaaS: identity, secrets, and blast-radius containment
A layered model for authN/Z, secret hygiene, and zero-trust networking that keeps customer data isolated even when a component is compromised.
Identity is the perimeter. Short-lived credentials, hardware-backed keys for admins, and continuous session risk scoring beat long-lived passwords every time.
Secrets never live in env files in production. We mount ephemeral volumes, rotate frequently, and scope KMS policies so a single leaked key cannot decrypt historical backups.
Network segmentation limits lateral movement: namespaces per tenant class, egress allow-lists from sensitive workloads, and service mesh policies that default deny.
Detection complements prevention: structured audit logs, anomaly baselines on auth patterns, and tabletop exercises that feed back into architecture decisions.
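As an added example (not code from the original post), a minimal detector over structured audit log lines in Python: it learns a per-user baseline of successful-login countries and hours from an earlier window, then flags new-country logins, off-hours logins, and failed-login bursts. The log field names, the sample lines, and the thresholds are assumptions.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit lines (one JSON object per line); not real data.
SAMPLE_LOG = """
{"ts":"2024-03-01T09:02:00Z","user":"alice","outcome":"success","country":"DE"}
{"ts":"2024-03-02T08:55:00Z","user":"alice","outcome":"success","country":"DE"}
{"ts":"2024-03-03T09:10:00Z","user":"alice","outcome":"success","country":"DE"}
{"ts":"2024-03-09T03:14:00Z","user":"alice","outcome":"success","country":"BR"}
{"ts":"2024-03-09T10:00:00Z","user":"bob","outcome":"failure","country":"US"}
{"ts":"2024-03-09T10:01:00Z","user":"bob","outcome":"failure","country":"US"}
{"ts":"2024-03-09T10:02:00Z","user":"bob","outcome":"failure","country":"US"}
{"ts":"2024-03-09T10:03:00Z","user":"bob","outcome":"failure","country":"US"}
{"ts":"2024-03-09T10:04:00Z","user":"bob","outcome":"failure","country":"US"}
""".strip()

def parse_events(text):
    """Parse JSON-per-line audit records and sort them by timestamp."""
    events = []
    for line in text.splitlines():
        e = json.loads(line)
        e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(e)
    return sorted(events, key=lambda e: e["ts"])

def build_baseline(events, cutoff):
    """Per-user countries and login hours seen in successful logins before cutoff."""
    base = defaultdict(lambda: {"countries": set(), "hours": set()})
    for e in events:
        if e["ts"] < cutoff and e["outcome"] == "success":
            base[e["user"]]["countries"].add(e["country"])
            base[e["user"]]["hours"].add(e["ts"].hour)
    return base

def detect(events, cutoff, fail_threshold=5, window=timedelta(minutes=10)):
    """Score events at or after cutoff against the baseline; return (user, reason) alerts."""
    base = build_baseline(events, cutoff)
    alerts, failures = [], defaultdict(list)
    for e in events:
        if e["ts"] < cutoff:
            continue
        u = e["user"]
        if e["outcome"] == "failure":
            # Sliding window of recent failures; alert once when the threshold is hit.
            failures[u] = [t for t in failures[u] if e["ts"] - t <= window] + [e["ts"]]
            if len(failures[u]) == fail_threshold:
                alerts.append((u, "failure_burst"))
            continue
        if u in base:  # users with no successful-login history are not scored here
            if e["country"] not in base[u]["countries"]:
                alerts.append((u, "new_country"))
            if all(abs(e["ts"].hour - h) > 2 for h in base[u]["hours"]):
                alerts.append((u, "off_hours"))  # naive hour distance, no midnight wraparound
    return alerts
```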
Security is not a gate at the end; it is a set of constraints that shape how we build, deploy, and operate.