A terrific Red & Blue (in reality – Purple’s the Word, in this case) Teaming Leadership post (via Robert A., posting on the Web Application Security Consortium List) detailing his experience leading a Purple Team, and the oversight work assocciated with that team color). Very pleased to see this form of shared learning in the Red Team space. Today’s Must Read.
“Purple: Purple teaming in my experience is the oversight of how red and blue operate, coordination to strengthen the effectiveness of both red/blue, and improved relationships with impacted stakeholders (dev/it/ops/etc). It likely isn’t it’s own team, it’s the leaders of the blue/red teams coordinating with it’s members and cross-org stakeholders to optimize how they operate.” via Robert A.’s superlative post further via Web Application Security Consortium List**)
*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: http://www.cgisecurity.com/2018/05/my-experiences-leading-purple-team.html