Recent Breaches

Breaches

2026PowerSchool62.4M records stolen 2026DISA Global Solutions3.3M records stolen 2026Globe Life850K records stolen 2026HertzUndisclosed records stolen 2026NHS ScotlandUndisclosed records stolen 2025Marks & Spencer9.4M records stolen 2025PayPal35K records stolen 2025Co-operative GroupUndisclosed records stolen 2025Jaguar Land RoverUndisclosed records stolen 2024National Public Data2.9B records stolen 2026HertzUndisclosed records stolen 2026NHS ScotlandUndisclosed records stolen 2025Marks & Spencer9.4M records stolen 2025PayPal35K records stolen 2025Co-operative GroupUndisclosed records stolen 2025Jaguar Land RoverUndisclosed records stolen 2024National Public Data2.9B records stolen 2026PowerSchool62.4M records stolen 2026DISA Global Solutions3.3M records stolen 2026Globe Life850K records stolen

Control Blueprints

FIRE controls the path. VAULT protects the asset.

Six buyer-led Blueprints. Each one names its lead layer, the primary modules that deliver it, and the supporting modules that round it out.

Find your Blueprint See modules compose

6: Blueprints
9: Modules
3: Lead types

What a Blueprint is

A pattern. A lead layer. A defined set of modules.

FIRE-led

Controls the path. Disconnects, isolates and severs the route the attack would take.

VAULT-led

Protects the asset. Holds the data, identity and evidence behind verifiable controls.

FIRE + VAULT

Path and asset together. Used where access must be controlled and what it touches must be locked.

Blueprints in play

See the modules compose a Blueprint.

Deal nine modules into a path. Firebreak lands on the gate and the route severs. Click any card to pause.

How to read this

The cards are modules. The line is the path between the user and the asset. Each Blueprint chooses which modules sit on the path and which support it.

Untrusted

Internet, email

Firebreak · Isolate

Corporate IT

Endpoints, file shares

Clean Recovery

Backups, snapshots

Untrusted

Internet, email

Firebreak · Isolate

Corporate IT

Endpoints, file shares

Open

Clean Recovery

Backups, snapshots

RW·Break the attack path, contain systems, preserve clean recovery.

Module deck

Re

Relay

Ex

Execute

Un

Unlink

Va

Validate

Ar

Archive

Lo

Lock

Tr

Transfer

Fire — path controlProtect — asset protection

The six Blueprints

Pick a Blueprint to see the modules in detail.

Filter by lead layer, module or sector to narrow the patterns that fit your environment.

Showing 6 of 6 Blueprints

Stop Kill-Chain Ransomware

Stop ransomware moving, spreading or reaching the crown jewels.

Primary modules

FirebreakIsolateExecute

Financial servicesHealthcarePublic sectorDefence

Contain Active Breaches

When prevention fails, containment must be physical, immediate and provable.

Primary modules

FirebreakIsolateExecute

Financial servicesEnergyPublic sectorDefence

CP-03FIRE + VAULT

Control Third-Party Access

Give third parties access without giving them a permanent doorway.

Primary modules

ValidateRelayLock

TransferArchiveExecute

Financial servicesHealthcareEnergyPublic sector

Enforce Physical Segmentation

Segmentation should not just be logical. It should be physically enforceable.

Primary modules

FirebreakIsolateUnlink

DefenceCritical infrastructurePublic sectorManufacturing

CP-05FIRE + VAULT

Protect Critical Infrastructure

Keep critical systems available, controlled and disconnected from unnecessary exposure.

Primary modules

FirebreakIsolateRelayExecute

TransferArchiveLock

EnergyCritical infrastructureDefenceManufacturing

Prove Compliance Through Control

Compliance becomes stronger when control can be demonstrated, not just documented.

Primary modules

ValidateLockArchive

TransferRelayExecuteFirebreak

Financial servicesHealthcarePublic sectorCritical infrastructure

The nine modules

Every Blueprint is built from these.

Physically opens or closes connection paths to prevent unauthorised access and stop attack progression.

Separates systems and networks into controlled zones to reduce lateral movement and enforce trust boundaries.

Allows connectivity only when needed, for a defined purpose, under controlled conditions and for a limited time.

Initiates control actions when a policy, approval, schedule, incident state or supervisory override requires action.

Checks whether a request, command or approval should proceed before access, action or transfer is allowed.

Preserves critical files and records for recovery, retention, compliance, continuity and evidential integrity.

Removes persistent connections, live dependencies and inherited trust relationships that keep sensitive assets exposed.

Restricts access through identity, authority, policy, permission and operational controls.

Controls how sensitive assets move into, out of or between protected environments through approved paths.

Solutions in Control How Control works Firebreak product

Online Now

Concierge

Compose Control for your environment

Talk to our team about combining these Blueprints around your estate.

Takes about 2 minutes. No account needed.

Free2 minsNo sign-up

Firevault

Firevault is Offline Secure Storage. Hardware you own, physically disconnected by default, with KYC-verified access. Ransomware-proof by design, not by patch.

© 2026 Firevault Limited. Disconnect to Protect®