Achieving Defendable Architectures via Threat-Driven Methodologies
A system cannot defend itself: the design and operations of any system must account for this fact. Defendable architectures marks a shift towards systems and enterprises designed for active defense-informed by the threat-driven approach, which supersedes the compliance-driven, vulnerability-driven and hardened system approaches. Understand the threats. Improve the controls. Reduce the risk.