Assumed Breach: A Better Model for Penetration Testing


  • Mike Saunders

The current model for penetration testing is broken. The typical scan and exploit model don’t reflect how real attackers operate after establishing a foothold.

At the same time, most organizations aren’t mature enough to need a proper red team assessment. It’s time to start adopting the assumed breach model.

In this talk, I’ll discuss techniques for assumed breach assessments that provide a better model for emulating the techniques attackers use once they’re they’ve established a foothold inside a typical network.