In the past, I’ve spoken at length on the criticality of assuming breaches can and will occur rather than simply seeking to focus solely on preventing breaches from occurring. Dating back to 2009 this security strategy, called Assume Breach, has historically been executed by two core groups in Microsoft: The Red Team (attackers) and the Blue Team (defenders). We now introduce the Green Team (fixers).