Infrastructure

tag: [Engineer/Developer, Security Specialist, Devops, Cloud, SRE]

Infrastructure can often be overlooked in web3, but it's often a very important area given that most front-end web applications are running on centralized infrastructure. This section focuses on Infrastructure Security, encompassing critical aspects such as cloud infrastructure, DNS providers, domain registrars, and DDoS (Distributed Denial of Service) protection.

When designing your architecture, it may be worth considering how many different providers you rely on. Are you going to use different providers for infrastructure, DDoS protection, domain registration, and DNS, or will you choose a provider that provides all of these? On one hand, putting all eggs in one basket means a failure on said service would cause downtime, however by using a single service and ensuring it’s following all best practices with regards to security measures means a lower risk surface.

Contents

  1. Asset Inventory
  2. Cloud Infrastructure
  3. DDoS Protection
  4. DNS and Domain Registration
  5. Network Security
  6. Operating System Security
  7. Zero-Trust Principles