There are events that are going to happen that you will never be fully prepared for. You can be patched to the hilt, have your networks, systems, and applications fully tested and vetted, and you will still run into issues, or be breached via what you do not know and can not predict. How can we be better prepared for the unexpected and prevent those events from having a detrimental effect on our organisations? How is threat modeling bigger than just attempting to prevent threats? How can we prepare for black swan events and ensure recovery? This talk will discuss and describe how a black swan event occurred in which an 0-day was dropped and our instrumentation and preparations were able to turn it into a nothing-burger, protecting the entire platform. I’ll discuss defences in a 6-figure container environment that have saved our bacon and avoided panic over multiple CVE’s. I’ll also talk about some interesting data points that illustrate continuous assurance concepts that illuminate how foundational actions can eliminate or mitigate threats even when a vulnerability or exploit rears its ugly head, or a breach occurs. Attendees should walk away with multiple ideas and concepts that may be applicable in their own processes and procedures to better be prepared for the unpredictable.