• Home
  • /Archive by category ' Assumed Breach '

Archive For: Assumed Breach

The Capital One breach and what we should really be talking about

I’m not going to try and write anything regarding the attack vector, Erick Johnson did that well here: https://ejj.io/blog/capital-one I’m not going to give an executive overview, Krebs did that well here: https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/ I really just want to bring up something I haven’t heard enough people talking about, detection. There has been lots of conversation ... Read More

The Assumed Breach Model – A Practical Approach Part 3

In Part 1 of this series I gave a brief overview of  the assumed breach model of security.  In Part 2, I dove into some details about major components to implementing the assumed breach model.  In Part 3, I am going to provide some concise, real world steps to moving toward this mindset within an ... Read More

The Assumed Breach Model – A Practical Approach Part 2

In Part 1, I gave a brief overview of the Assumed Breach model.  In this part, I will begin to dive a little deeper into some of the areas where the assumed breach model can focus.  I am going to cover three areas: Network Segmentation Tiered Accounts and Access Control Log Management and Threat Hunting ... Read More

10 Immutable Laws of an Assumed Breach

A few years back Microsoft released a set of 10 Immutable Laws of Security. These are tried and true and should be a foundation of security posture.  I have been developing some information around the Assumed Breach model of security.  You can read about it in a series of blog posts I am going to ... Read More

The Assumed Breach Model – A Practical Approach Part 1

This is something I have been socializing for a while now, but I thought it was time to start putting some of thoughts down in writing. So what is the assumed breach model of security? To put it simply, it is a security strategy that assumes any given endpoint is breached and controls risk as ... Read More