What Is Purple-Teaming?
Those familiar with cyber security lingo will know the ins-and-outs of red and blue teams. While red teams mimic likely attacks, blue teams work to defend them. In Purple-Teaming, both join forces to create a continuous feedback loop. Hence, the name PurpleTeam. In turn, TeamPurple is an evermore intelligent entity that can evolve and learn from each opposing activity.
While we aren’t the first to adopt this symbiotic approach, we have taken this popular practice to a new and more effective level with our purpose-built methodology.
Our PurpleTeam Methodology
Most Purple-Teaming services offer dynamic penetration testing and call it a day. With us, penetration testing is just a small part of our sophisticated six-step process. With plenty of breathing room before and after active testing phases, we never waste time examining improbable events or leave you confused about how we got from A to B.
-
1. Threat Intelligence and Information Gathering
Identify relevant threats and attackers to yield the most applicable and useful data. -
2. PurpleTeam Scenario Build and Playbook Creation
Review tactics, techniques and procedures (TTPs) to simulate the most realistic security breach. -
3. PurpleTeam Exercise — Round 1
Perform round one of active testing with real-time feedback between red and blue teams. -
4. Remediation
Address issues identified in round one of testing and orchestrate an opportunity to eliminate them. -
5. PurpleTeam Exercise — Round 2
Significantly improve security performance during re-test as a result of new, collective intelligence. -
6. Executive Presentation
Contextualise PurpleTeam results for accurate cost-saving projections and important actions.
While red teams mimic likely attacks, blue teams work to defend them. In Purple-Teaming, both join forces to create a continuous feedback loop.
Purple-Teaming has the obvious benefit of maximising the work of both offensive and defensive teams. Taking two disconnected teams and creating a cooperative mindset dramatically reduces the time it takes to remedy existing and upcoming threats.
With our tried-and-tested PurpleTeam methodology, you can also expect:
Tailored, Realistic Assurance that considers your environment, industry and geography –– not just your run-of-the-mill attacks.
Process Optimisation to streamline processes, people and technology for a leaner, meaner security department.
Budget Optimisation to justify your investments and help your security spend make more sense.
Go beyond penetration testing to sharpen your security and cut company costs — all in one, simple service.
Go Beyond Penetration Testing
Access the most dynamic, tailored purple teaming service on the market.