Technical Research Paper

Adversary Centric Defensive Architecture for A Threat-Informed Approach to External Attack Surface Defense
Citations (50+) References (10) Figures (6)
Abstract
Adversary-Centric Defensive Architecture (ACDA) reframes enterprise security around real-world attackers' tactics, techniques, and procedures. Instead of hardening every asset equally, ACDA begins with a rigorous external attack-surface census, quantifies exposure, and then drives “outside-in” mitigation that converges on the most probable paths to compromise. The model fuses threat-informed defense [2], Zero-Trust access enforcement [6], and the risk-management guidance embedded in the NIST Cybersecurity Framework 2.0 [1] into a continuous Discover → Detect → Defend life cycle. By embedding the Cyber Kill Chain’s attacker-workflow logic [8] into design-phase decisions, ACDA converts security from a compliance-driven afterthought to a proactive engineering discipline. Early pilots show that organizations adopting ACDA have shrunk externally exposed services by 32 percent and cut mean time-to-remediate critical vulnerabilities from 27 to 11 days. The approach therefore offers a defensible, data-backed path to anticipate, disrupt, and withstand modern intrusion campaigns.
How to Stay Informed
- Subscribe to Updates – Join our newsletter for new report announcements.
- Access via Library – Browse and download reports through the Technical Whitepaper Library.
- Suggest a Report Topic – Members may propose high-priority topics for future analysis.
For more information, contact the ISAUnited Research Center team below.
