Our purple team assessment combines the expertise of our Digital Forensics and Incident Response (DFIR) and Threat and Attack Simulation (TAS) Teams to transform tabletop exercises into live-fire scenarios. These realistic attack scenarios, driven by offensive professionals (Red) and experienced DFIR-guided help (Blue), walk through your organization’s security posture/incident procedures to identify gaps while providing best practice recommendations.
We help you validate, extend and expand your Incident Response capabilities, while actively working to reduce your threat profile through proven methodology and coordinated execution of both compromise and investigation. Each scenario is tailored to your organization’s needs, with actual scenarios based on your organization’s strengths/weaknesses. The result is you gain real-world visibility of what actions would look like in an actual compromise.
As part of a purple team exercise, our Red and Blue teams work with your internal security team to:
In this next phase of the purple team assessment, our experts:
The final phase of the purple team assessment focuses on developing a final deliverable that includes both red team and blue team activities, as well as an executive summary and an in-depth technical analysis section that details the following:
Every purple team assessment is designed to help your internal security team become more self-sufficient. Training is included, and it leverages the expertise of our Threat and Attack Simulation team (Red) in conjunction with our Digital Forensics and Incident Response team (Blue) to provide you with direction and guidance around threat investigation processes.
In order for our Red and Blue cybersecurity teams to prepare actionable deliverables at the end of each assessment, each team works collaboratively with your organization’s internal team to validate objectives for the Purple Team process, perform active exploitation of the pre-defined tactics, techniques and procedures, and develop a final deliverable that includes identified vulnerabilities, critical observations, associated tactical recommendations, and associated strategic recommendations.
Each deliverable includes Red Team and Blue Team cybersecurity activities as well as the following primary sections:
Our Purple Teaming Services offer a more comprehensive approach to security by combining the strengths of our TAS team (Red) in conjunction with our DFIR team (Blue) to identify and remediate security vulnerabilities. Our purple team assessment combines the expertise of our TAS and DFIR teams to transform tabletop exercises into realistic attack scenarios that our Blue and Red teams drive — these live-fire scenarios allow our teams to walk through your organization’s security posture and incident procedures in order to identify security gaps and provide best practice recommendations.
These realistic attack scenarios allow us to operationally understand your environment, reduce the time it takes to detect suspicious activities and respond to them, and effectively transfer knowledge to your organization’s security professionals. We include these live-fire scenarios into our purple teaming services to allow your organization to avoid challenges such as confusion and miscommunication, delays and uncertainty, missed objectives, and broken rules of engagement.
Certifications