Yeah, to validate that your defense-in-depth actually works, so that your system stays anti-fragile even when each and every vendor is assumed to be breached at some point.
j previous speech k next speech