{"id":47224,"date":"2022-06-23T17:00:00","date_gmt":"2022-06-23T17:00:00","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities-threats\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise"},"modified":"2022-06-23T17:00:00","modified_gmt":"2022-06-23T17:00:00","slug":"the-rise-fall-and-rebirth-of-the-presumption-of-compromise","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/","title":{"rendered":"The Rise, Fall, and Rebirth of the Presumption of Compromise"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt481ce449947cf4f5\/61eb1b0ba3de30188f4f0b5e\/SecurityLock_vska_Alamyjpg.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<h2 class=\"regular-text\">The Rise of the Presumption of Compromise<\/h2>\n<p>In cybersecurity, we often say that &#8220;prevention is ideal, but detection is a must.&#8221; But why do we say that? Shouldn&#8217;t both prevention and detection be musts in a layered, defense-in-depth security approach? Well, this saying is rooted in a realistic view of reality, where we, as cyber-defense professionals, have come to accept that it&#8217;s almost impossible to prevent the bad guys from breaking into connected systems. The choices are either total isolation (which, in some cases, <a href=\"https:\/\/cyber.bgu.ac.il\/advanced-cyber\/airgap\" target=\"_blank\" rel=\"noopener\">can be circumvented<\/a>) or risking a breach of the system. This notion of failing prevention has become a linchpin in our modern defense strategy and has become known as a &#8220;presumption of compromise.&#8221; That is, assume that you already have been breached and focus on never-ending detection and eradication of the&nbsp;badness lurking in your systems.<\/p>\n<p>Since we failed with prevention, we turned to detection. To paraphrase Churchill: No one pretends that detection is perfect or all-wise. Indeed, it has been said that detection is the worst form of defense except for all those other forms that have been tried.<\/p>\n<h2 class=\"regular-text\">The Inevitable Fall of Presumption of Compromise<\/h2>\n<p>Nevertheless, the current form of presumption of compromise \u2014 which focuses on rapid detection \u2014 is intended to fail because its contemporary version serves merely as a tactical tool rather than as a strategical framework. It tells you what not to rely on but doesn&#8217;t tell you how to truly solve the problem. Instead of providing a solution, presumption of compromise merely kicks the can down the road. <\/p>\n<p>In a <a href=\"https:\/\/www.splunk.com\/en_us\/blog\/security\/ransomware-encrypts-nearly-100-000-files-in-under-45-minutes.html\" target=\"_blank\" rel=\"noopener\">recent thought-provoking experiment,<\/a> security researchers from Splunk tried to determine the speed of encryption of modern ransomware malware families. They selected 10 ransomware families and measured the time it took each to encrypt 100,000 files on a victim&#8217;s system. The results were astonishing. It took 45 minutes on average, with the slowest ransomware (<a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/babuk-coding-errors-make-data-recovery-impossible-\" target=\"_blank\" rel=\"noopener\">Babuk<\/a>) able to encrypt the files within 3.5 hours, while the fastest ransomware (<a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/security-vendors-sound-the-alarm-on-lockbit-ransomware-s-return\" target=\"_blank\" rel=\"noopener\">Lockbit<\/a>) achieved this goal within only 4 minutes (!).<\/p>\n<p>Other <a href=\"https:\/\/securityintelligence.com\/posts\/analysis-of-ransomware\/\" target=\"_blank\" rel=\"noopener\">recent research<\/a>, which analyzed ransomware attacks, concluded that &#8220;the average duration of an enterprise ransomware attack reduced 94.34% between 2019 and 2021.&#8221; <\/p>\n<p>An additional parameter to consider in this context is breakout time, which measures how much time it takes for an adversary to hop from an initially compromised system on to the next. <a href=\"https:\/\/go.crowdstrike.com\/global-threat-report-2022.html\" target=\"_blank\" rel=\"noopener\">According to CrowdStrike<\/a>, the average breakout time in 2021 is 1.5 hours. In 2018, it was almost 2 hours. <\/p>\n<p>Unfortunately, these measurements provide a dismal forecast for our near future. The attackers are getting faster, and the ever-shrinking detection window is under a constant pressure.<\/p>\n<h2 class=\"regular-text\">Automation Arms Race<\/h2>\n<p>To detect faster, defenders turn to automation \u2014 sometimes by using static signatures and detection rules, and sometimes with the help of machine learning. Unfortunately, automation is not the monopoly of the good guys, and attackers use it as well. Being able to inflict damage faster and with fewer human personnel is serving the attackers&#8217; business models well, so the incentive to automate attacks has never been stronger.<\/p>\n<p>Once both sides \u2014 the attack and the defense \u2014 increasingly turn to automation, we end up in a spiraling automation arms race. The defenders have had a head start in this race, spending the last several years developing and deploying AI-based solutions. Nevertheless, it&#8217;s frightening to think about the consequences of the mass adoption of such technologies by the attackers, which continues to narrow the detection window. <\/p>\n<h2 class=\"regular-text\">The Rebirth of the Presumption of Compromise<\/h2>\n<p>The inevitable shrinkage of the detection window forces us to rethink its foundation. In the long term, it appears that detection alone is no longer a viable defense strategy. Instead, I believe that the focus of defensive strategy will be passed on to resilience \u2014 being able to recover quickly from an incident, with automation and volatile computerized systems that can be brought up and down instantly playing a pivotal role. <\/p>\n<p>Make no mistake: A presumption of compromise is a good idea after all. It keeps us sharp and realistic. Nonetheless, its current detection-oriented manifestation looks like a losing strategy over the long term. Instead, we should start focusing on resilient, self-recoverable, and instantly rebuildable systems. Such recoverability will lay out the missing brick of the solution: protection, detection, and resilience. Together, they have the power to form the holy trinity of a truly sustainable defense-in-depth strategy.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The concept might make us sharp and realistic, but it&#8217;s not enough on its own.Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-47224","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The Rise, Fall, and Rebirth of the Presumption of Compromise 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Rise, Fall, and Rebirth of the Presumption of Compromise 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-23T17:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt481ce449947cf4f5\/61eb1b0ba3de30188f4f0b5e\/SecurityLock_vska_Alamyjpg.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"The Rise, Fall, and Rebirth of the Presumption of Compromise\",\"datePublished\":\"2022-06-23T17:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/\"},\"wordCount\":729,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt481ce449947cf4f5\\\/61eb1b0ba3de30188f4f0b5e\\\/SecurityLock_vska_Alamyjpg.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/\",\"name\":\"The Rise, Fall, and Rebirth of the Presumption of Compromise 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt481ce449947cf4f5\\\/61eb1b0ba3de30188f4f0b5e\\\/SecurityLock_vska_Alamyjpg.jpg\",\"datePublished\":\"2022-06-23T17:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt481ce449947cf4f5\\\/61eb1b0ba3de30188f4f0b5e\\\/SecurityLock_vska_Alamyjpg.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt481ce449947cf4f5\\\/61eb1b0ba3de30188f4f0b5e\\\/SecurityLock_vska_Alamyjpg.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Rise, Fall, and Rebirth of the Presumption of Compromise\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Rise, Fall, and Rebirth of the Presumption of Compromise 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/","og_locale":"en_US","og_type":"article","og_title":"The Rise, Fall, and Rebirth of the Presumption of Compromise 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-06-23T17:00:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt481ce449947cf4f5\/61eb1b0ba3de30188f4f0b5e\/SecurityLock_vska_Alamyjpg.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"The Rise, Fall, and Rebirth of the Presumption of Compromise","datePublished":"2022-06-23T17:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/"},"wordCount":729,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt481ce449947cf4f5\/61eb1b0ba3de30188f4f0b5e\/SecurityLock_vska_Alamyjpg.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/","url":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/","name":"The Rise, Fall, and Rebirth of the Presumption of Compromise 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt481ce449947cf4f5\/61eb1b0ba3de30188f4f0b5e\/SecurityLock_vska_Alamyjpg.jpg","datePublished":"2022-06-23T17:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt481ce449947cf4f5\/61eb1b0ba3de30188f4f0b5e\/SecurityLock_vska_Alamyjpg.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt481ce449947cf4f5\/61eb1b0ba3de30188f4f0b5e\/SecurityLock_vska_Alamyjpg.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/the-rise-fall-and-rebirth-of-the-presumption-of-compromise\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"The Rise, Fall, and Rebirth of the Presumption of Compromise"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47224"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47224\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}