How Purple Teaming Takes Security to New Levels
Wednesday, June 27, 2018, 10:00am to 3:00pm at Sheraton Centre Toronto
Red and Blue teaming has been a staple of organizational security programs for years. Red Teams are white-hat hackers that attack your digital infrastructure to test its defenses and find weaknesses. Blue Teams are the internal security teams that try to ward off both real attackers and Red Teams. Purple Teams have become increasingly important, but their role is less understood.
Specifically, Purple Teams combine members of red and blue teams who work to ensure teams Red and Blue operate at peak efficiency and effectiveness.
In this symposium discussion and workshop, IANS Faculty Member Dave Kennedy President and CEO of TrustedSec, will walk attendees through the leading best practices and trends for securing your critical infrastructure through Purple Teaming.
Dave Kennedy served in the Marines for five years working on intelligence related missions and has led countless workshops around the world on red/blue/purple teaming. Over time he has found that Blue and Red Teams lack the full picture needed to sufficiently grasp an organization’s full security picture. Dave will walk his audience through the steps these teams can take to come together.
During this symposium workshop, Dave will:
- Pinpoint common gaps between teams and help attendees formulate to-do lists and rules.
- Use an exercise to show what a Purple Team looks like in motion and how it relates to the other teams.
- Walk attendees through ways to more effectively collaborate and achieve desired results.
- Teach attendees to triage risks.
- Help attendees understand the relationship between security and the rest of the organization, and how Purple Teams allow for a fuller collaboration.
- Exercises will be both technical and high level.
After finishing, each team will present the steps they took to reach the remediation point to their audience, highlighting the weaknesses and strengths of their process.
This Symposium is designed for CISOs, Operations leads, and any information security practitioner who wants state-of-the-art guidance from industry leaders.
This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.