For decades, the industry standard was "defense in depth"—building higher walls and deeper moats. But for the modern Blue Team (defenders), simply sitting back and waiting to be breached is a recipe for disaster.
The document stresses that you cannot "hack back" to a third-party IP. However, you can : offensive countermeasures the art of active defense pdf
Embedding unique tracking links in sensitive-looking documents. When the attacker opens the stolen file, their IP address and system info are phoned home to the defender. 2. Deception Techniques Offensive Countermeasures: The Art of Active Defense The