Plan, Build, Prove — with the D-Loop Engineering Method

Make secure deployments predictable, traceable, and defensible across teams and pipelines.

ISAUnited’s D-Loop Engineering Method turns security intent into engineered, auditable outcomes. Instead of the legacy “Discover–Detect–Defend” philosophy, the D-Loop standardizes how teams: Define, Design, Deploy, Detect, Defend, and Document—a closed loop that links requirements, architecture, implementation, telemetry, validation, and evidence. The result: predictable, secure deployments, traceable decisions, and artifacts that stand up to audit, assurance, and peer review.

1. Define

Establish the mission, scope, and guardrails.

Capture business goals, risks, data classes, and compliance drivers.
Identify components, trust boundaries, interfaces, and owners.
Write measurable acceptance criteria and initial traceability.

2.Design

Engineer the architecture before configuration.

Model the system (views, boundaries, failure/containment domains).
Select and layer controls mapped to ISAU Defensible 10 Standards (D10S).
Plan instrumentation (what to log, where to detect) and adversary tests.
Record design decisions and trade-offs for accountability.

3. Deploy

Make configuration code—and make it repeatable.

Apply secure baselines via IaC, policy-as-code, and hardened templates.
Enforce keys, secrets, and identity policies; register assets & owners.
Track changes and environments with version control and approvals.

4. Detect

Instrument what you intend to enforce.

Route logs, metrics, and traces to approved platforms; map each control to a signal.
Validate sample events and alert logic; close gaps with targeted sensors.
Maintain a coverage index so leaders can see what’s truly monitored.

5. Defend

Prove enforcement, not just configuration.

Run adversarial checks, tabletop exercises, and control validation playbooks.
Document residual risks with owners and time limits; verify mitigations.
Sign off only when acceptance criteria are met with evidence.

6. Document

Make security visible—and portable.

Package the lifecycle evidence (design, configs, tests, results, approvals).
Publish a final engineering summary and lessons learned.
Feed updates back into Define to close the loop and improve templates.

FREE Download

Change Log:

August 2025 - This document and method replaced the 2023-24 3D Model.

Join ISAUnited for the professional support and growth that you won't find anywhere else

ISAUnited gives you the best professional and technical resources.

Join now

HQ: 1-844-453-4411

Why Join ISAUnited?

Play

Become a Member Today

Membership Types

Get Involved

Technical Fellow Society Our Society is a prestigious body of seasoned experts whose leadership and counsel guide the advancement, integrity, and operations of our cybersecurity architecture and engineering mission.

ISAUnited Credentials, Certifications, & Accreditation

Click here for an overview:

Certified Professional Licenses (CPL)

Team Training & CAE Certification

Security by Design Accreditation

The School of Engineering Cyber Defense

Learning Starts Here

Professional Programs

Student Resouces

Find Your Pathway

Join Knights Nation Online school for cyber architecture & engineering—build a portfolio and follow a clear path to CPL.

ISAUnited's Defensible 10 Standards

Visit Defensible10.org Explore the open standards library, download the 2025 Draft Edition, and join the Open Season to contribute Sub-Standards that advance true cybersecurity engineering.

Security Standards

Security Controls

Security Design

Launching Fall 2025. ISAUnited’s Defensible 10 Standards offer a vendor-neutral, engineering-grade blueprint across ten core security domains for provable security by design beyond compliance.

U.S. Cyber Architecture and Engineering Report Card

Coming 2026 — Defensible Grades. Transparent scoring. Repeatable methods. Public accountability.

About

ISAUnited's Core Divisions & Programs

Cybersecurity Architecture

Cybersecurity Engineering

Security by Design

Cyber Sciences

Coming 2026 — Cybercrime Division. A new ISAUnited department that fuses cyber-criminal intelligence, digital forensics, and U.S. cyber-law insight to sharpen every architecture and engineering decision.

Our Practices in Cybersecurity Architecture & Engineering

Overview

Fundamentals

Enterprise Security Architecture Design Frameworks and practices for enterprise-scale, defensible architectures.

NEW Mastering Security by Design Your field guide to turning goals into defensible designs—principles, models, and methods.

Our Story & Mission

Play

Who We Are

Enterprise Security Architecture Body of Knowledge. The ESABOK from ISAUnited empowers architects and engineers to navigate architecture conformity and standardized processes for secure design confidently.

Plan, Build, Prove — with the D-Loop Engineering Method

Make secure deployments predictable, traceable, and defensible across teams and pipelines.

Join ISAUnited for the professional support and growth that you won't find anywhere else

ISAUnited gives you the best professional and technical resources.

Guest

Members

Technical Fellow Society

Our Society is a prestigious body of seasoned experts whose leadership and counsel guide the advancement, integrity, and operations of our cybersecurity architecture and engineering mission.

Join Knights Nation

Online school for cyber architecture & engineering—build a portfolio and follow a clear path to CPL.

Visit Defensible10.org

Explore the open standards library, download the 2025 Draft Edition, and join the Open Season to contribute Sub-Standards that advance true cybersecurity engineering.

Launching Fall 2025.

ISAUnited’s Defensible 10 Standards offer a vendor-neutral, engineering-grade blueprint across ten core security domains for provable security by design beyond compliance.

Coming 2026 — Defensible Grades.

Transparent scoring. Repeatable methods. Public accountability.

Coming 2026 — Cybercrime Division.

A new ISAUnited department that fuses cyber-criminal intelligence, digital forensics, and U.S. cyber-law insight to sharpen every architecture and engineering decision.

Enterprise Security Architecture Design

Frameworks and practices for enterprise-scale, defensible architectures.

NEW Mastering Security by Design

Your field guide to turning goals into defensible designs—principles, models, and methods.

Enterprise Security Architecture
Body of Knowledge.

The ESABOK from ISAUnited empowers architects and engineers to navigate architecture conformity and standardized processes for secure design confidently.