Assume Breach.

A security operating philosophy that designs controls, monitoring, and architecture around the premise that an adversary is already inside the environment, prioritizing detection, containment, and recovery alongside (not instead of) prevention. Es gehört zur Kategorie Verteidigung und Betrieb der Cybersicherheit.

A security operating philosophy that designs controls, monitoring, and architecture around the premise that an adversary is already inside the environment, prioritizing detection, containment, and recovery alongside (not instead of) prevention.

Assume Breach is a security operating philosophy popularized by Microsoft in the mid-2010s and now the default posture of mature programs and zero-trust architectures. Rather than treating prevention as the primary defense and detection as a backstop, an assume-breach program designs the environment as if the adversary has already gained a foothold and asks how detection, containment, recovery, and limiting blast-radius will hold up. Concretely this drives: network microsegmentation so lateral movement is constrained, identity-centric architecture (every request authenticated and authorized), endpoint detection and response everywhere, centralized logging with retention long enough for true-detection of slow campaigns, regular red-team and purple-team exercises against the live environment (not just labs), automated containment playbooks (isolate host, rotate keys, kill session), and recovery rehearsals (immutable backups, alternative paths to keep the business running). Assume Breach is a foundational principle of NIST 800-207 Zero Trust, the U.S. DoD Zero Trust Strategy, the U.K. NCSC Cyber Assessment Framework, and most modern security programs.

Schutzmaßnahmen gegen Assume Breach kombinieren typischerweise technische Kontrollen und operative Praktiken, wie in der Definition oben beschrieben.

Übliche alternative Bezeichnungen: Breach-tolerant security, Compromise-tolerant design.