Defensive security is the practice of protecting networks, systems, and data from cyber threats through preventive measures, continuous monitoring, and incident response. It aims to detect, prevent, and mitigate security risks before they can cause damage.
Unlike offensive security, which focuses on simulating attacks to find vulnerabilities, defensive security strengthens an organization’s cyber resilience by using technologies such as firewalls, intrusion detection systems (IDS), endpoint security, and Security Information and Event Management (SIEM).