Purple Team Assessment

Evaluate and develop your cybersecurity team's capabilities in a single engagement: a purple team assessment.
Are you ready for a Purple Team Assessment?

Ready for a Purple Team Assessment?

The key to protecting your organization against critical threats is preparation. While your team may have all the right certifications, proven processes, and the latest and greatest threat detection tools, it’s hard to know how well these components will work together without testing them. Purple team assessments can help you drive your capabilities forward, evaluate a new policy or procedure, and get more value from your technology investments.

Our Approach

During this assessment, our team (the red team) executes attack scenarios to test specific aspects of your defense team’s capabilities (the blue team). Both teams coordinate their actions and responses, creating the ultimate purple team.

Phase 1

During this phase, our red team works closely with your blue team to identify the capabilities, controls, and technologies that make up your program. Focus areas include monitoring, active defense, response, and physical security.

Following these sessions, the red team designs scenario-based tests tailored to your team’s capabilities. These are provided to the blue team for feedback.

  • Information-Gathering Sessions
  • Custom Test Design
  • Project Plan

Phase 2

The red team kicks off the test scenarios, carefully logging and time-stamping all activities so they can easily be compared to blue team responses. Throughout this phase, our team works side-by-side with the blue team.

For each scenario, our team carefully evaluates the effectiveness of the controls in place, documenting recommendations for improvement when needed.

  • Test execution
  • Activity logs
  • Recommendations for improvement

Phase 3 (Optional)

For each control weakness or gap the red team identifies, our team can help the blue team make improvements or design additional controls. This typically includes developing modifications, rules, signatures, or integrations that address identified deficiencies.

  • Recommendations for improvement
  • Design assistance
  • Implementation assistance

Phase 4

In this final phase, our team provides a full report of our observations during test execution, documenting activities and responses. This report includes a summary of your overall security posture and any suggested remediation efforts. Following delivery, our team can perform additional remediation testing.

  • Summary of overall security posture
  • Documented activities and responses
  • Recommendations for improvement

Different from the Rest

At Focal Point, we take a different approach to managing cyber risk.

Customized Tests

We design our tests around your established objectives to test and strengthen your team's capabilities. Each scenario is unique to your team, program, and threat landscape.

Control Enhancements

We help your team strengthen controls through hands-on collaboration, which can include rapid retesting to ensure your defenses are now effective.

Learning Experience

Our assessments are designed to be a learning opportunity for your team. Our experts are skilled at working alongside blue team members, helping them understand complex threat vectors and the strategies required