purple team

Red + Blue, How Purple Are You? Identifying Gaps in The Spectrum of Security

Deconstructing Logon Session Enumeration

| | detection-engineering, Information Security, Infosec, purple team, specterops
Purple TeamingHow we define and create test cases for our purple team runbooksIntroIn our purple team service, we try to take a depth and quality approach and run many different functionally diverse test ...
Posts By SpecterOps Team Members - Medium
Part 13

Part 13

| | detection-engineering, Infosec, MITRE ATTACK, purple team, research
On Detection: Tactical to FunctionalWhy a Single Test Case is InsufficientIntroductionIn my previous post, I explored the idea that different tools can implement the same operation chain (behavior) in various ways. I ...
Posts By SpecterOps Team Members - Medium
To Infinity and Beyond!

To Infinity and Beyond!

| | detection-engineering, Information Security, Math, purple team, research
Increasing our understanding of EDR capabilities in the face of impossible odds.IntroductionI recently had a discussion with our chief strategist, Jared Atkinson, about purple teaming. We believe that large quantities of procedures ...
Posts By SpecterOps Team Members - Medium
Reactive Progress and Tradecraft Innovation

Reactive Progress and Tradecraft Innovation

| | detection-engineering, Evasion, purple team, Red Team, research
Detection as PredictionThe overarching goal of a security operations program is to prevent or mitigate the impact of an attacker gaining unauthorized access to an IT environment. In service of this mission, ...
Posts By SpecterOps Team Members - Medium
wargames cybersecurity ransomware strategy breach prevention strategy cybersecurity

Leveraging Wargaming Principles for Cyberdefense Exercises

| | blue team, cyberdefense, pentesting, purple team, Red Team, wargames
Wargames are an excellent way to ensure your cyberdefense plans are solid and your processes are current ...
Security Boulevard
The Future of Computer Security

BSidesKC 2021 – David Evenden’s ‘Emulating The Adversary While Training The Defenders: Purple Teaming With MITRE ATT&CK’

| | BSides, BSidesKC, Cryptology Education, cybersecurity education, defensive security, education, Industrial Security, Information Security, Infosec Education, MITRE ATT&CK, Offensive Security, purple team, security
Our thanks to BSidesKC for publishing their outstanding BSidesKC 2021 videos on the Conferences’ YouTube channel. Permalink ...
Infosecurity.US
Example of a volume analysis showing how many times certain techniques are mentioned in a threat report

Threat Hunting Framework: Three Steps to Translate Threat Reports into Actionable Steps

| | case management, LogRhythm Labs, purple team, Ransomware, threat detection, Threat Research
Thanks to Sally Vincent and Dan Kaiser from the LogRhythm Labs team for developing the process and guiding content described in this post. Threat research can be an invaluable asset to security ...
LogRhythm
WebApp Security, 'My Experience Leading A Purple Team'

WebApp Security, ‘My Experience Leading A Purple Team’

| | blue team, Information Security, Penetration Testing, purple team, Red Team
A terrific Red & Blue (in reality - Purple's the Word, in this case) Teaming Leadership post (via Robert A., posting on the Web Application Security Consortium List) detailing his experience leading ...
Infosecurity.US
The Purple Team Pentest

The Purple Team Pentest

| | blue team, Penetration Testing, pentest, purple team, purple teaming, Red Team, security operations, SOC
It’s not particularly clear whether a marketing intern thought he was being clever or a fatigued pentester thought she was being cynical when the term “Purple Team Pentest” was first thrown around ...
Technicalinfo.net Blog
Navigating the "Pentest" World

Navigating the "Pentest" World

| | blackbox pentest, bugbounty, ethical hacking, pentesting, purple team, redteam, whitebox pentest
The demand for penetration testing and security assessment services worldwide has been growing year-on-year. Driven largely by Governance, Risk, and Compliance (GRC) concerns, plus an evolving pressure to be observed taking information ...
Technicalinfo.net Blog