The key to protecting your organization against critical threats is preparation. While your team may have all the right certifications, proven processes, and the latest and greatest threat detection tools, it’s hard to know how well these components will work together without testing them. Purple team assessments can help you drive your capabilities forward, evaluate a new policy or procedure, and get more value from your technology investments.
During this assessment, our team (the red team) executes attack scenarios to test specific aspects of your defense team’s capabilities (the blue team). Both teams coordinate their actions and responses, creating the ultimate purple team.
During this phase, our red team works closely with your blue team to identify the capabilities, controls, and technologies that make up your program. Focus areas include monitoring, active defense, response, and physical security.
Following these sessions, the red team designs scenario-based tests tailored to your team’s capabilities. These are provided to the blue team for feedback.
The red team kicks off the test scenarios, carefully logging and time-stamping all activities so they can easily be compared to blue team responses. Throughout this phase, our team works side-by-side with the blue team.
For each scenario, our team carefully evaluates the effectiveness of the controls in place, documenting recommendations for improvement when needed.
For each control weakness or gap the red team identifies, our team can help the blue team make improvements or design additional controls. This typically includes developing modifications, rules, signatures, or integrations that address identified deficiencies.
In this final phase, our team provides a full report of our observations during test execution, documenting activities and responses. This report includes a summary of your overall security posture and any suggested remediation efforts. Following delivery, our team can perform additional remediation testing.