Layered defenses are multiple security controls used together so that if one control fails, others still reduce risk. Instead of relying on a single firewall, blocklist, or password policy, defenders combine measures such as phishing-resistant multi-factor authentication, endpoint detection, patching, application allowlisting, segmentation, and backup recovery. The goal is resilience: no single bypass should expose the whole environment.
This matters because attackers often work around individual controls. For example, proxy or VPN infrastructure can hide source traffic, while stolen credentials or malware may evade one detection layer. A layered model forces an intruder to defeat several barriers and increases the chance that unusual behavior is detected somewhere in the stack. In practice, defenders use layered controls to limit lateral movement, stop privilege escalation, and preserve recovery options even when one system is compromised.