Assume Breach
What is Assume Breach?
A security operating philosophy that designs controls, monitoring, and architecture around the premise that an adversary is already inside the environment, prioritizing detection, containment, and recovery alongside (not instead of) prevention.
Assume Breach is a security operating philosophy popularized by Microsoft in the mid-2010s and now the default posture of mature programs and zero-trust architectures. Rather than treating prevention as the primary defense and detection as a backstop, an assume-breach program designs the environment as if the adversary has already gained a foothold and asks how detection, containment, recovery, and blast-radius limitation will hold up. Concretely this drives: network microsegmentation so lateral movement is constrained, identity-centric architecture (every request authenticated and authorized), endpoint detection and response everywhere, centralized logging with retention long enough to detect slow campaigns, regular red-team and purple-team exercises against the live environment (not just labs), automated containment playbooks (isolate host, rotate keys, kill session), and recovery rehearsals (immutable backups, alternative paths to keep the business running). Assume Breach is a foundational principle of NIST 800-207 Zero Trust, the U.S. DoD Zero Trust Strategy, the U.K. NCSC Cyber Assessment Framework, and most modern security programs.
● Examples
- 01
An organization assumes any laptop may be compromised at any time and routes all administrative actions through privileged-access workstations, regardless of laptop reputation.
- 02
An IR runbook for ransomware assumes initial access happened weeks earlier and triggers credential and key rotation across the affected identity tier in parallel with eradication.
● Frequently asked questions
What is Assume Breach?
A security operating philosophy that designs controls, monitoring, and architecture around the premise that an adversary is already inside the environment, prioritizing detection, containment, and recovery alongside (not instead of) prevention. It belongs to the Defense and Operations category of cybersecurity.
How is Assume Breach applied in defense?
Applying Assume Breach typically combines technical controls with operational practices; see the full definition above.
What other names does Assume Breach go by?
Common aliases include: Breach-tolerant security, Compromise-tolerant design.
● Related terms
- network-security № 1397
Zero Trust Network
A network architecture that trusts no user, device, or service by default and continuously verifies every connection based on identity.
- compliance № 330
Defense in Depth
A strategy of layering mutually independent security controls so that if any one control fails, the others can still prevent, detect, or contain the attack.
- network-security № 752
Microsegmentation
A fine-grained form of segmentation that pushes identity-based allow-list policies between workloads or applications, usually enforced by the host or the virtualization layer.
- forensics-ir № 582
Incident Response
The organized process of preparing for, detecting, analyzing, containing, eradicating, and recovering from cybersecurity incidents, and capturing lessons learned.
- defense-ops № 338
Detection Engineering
The discipline of designing, testing, deploying, and maintaining security detections as code, giving measurable coverage of adversary techniques.
- defense-ops № 1267
Threat Hunting
Hypothesis-driven, proactive searching through telemetry to find threats that have evaded existing detections.