Purple Teaming

Leverage IANS Faculty practitioners to enhance your team's ability to detect real-world attacks.

Ismael Valenzuela, IANS Faculty and coauthor of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering, shares his thoughts on purple teaming.

Identify weaknesses in your systems

Penetration tests are useful. They identify weaknesses in your systems and provide practical advice to reduce risk. But what if your team could watch the attack in progress to understand tactics and techniques used by attackers and learn to recognize them in the future? That is what IANS’ Red and Purple Teaming provides.

01. Close Collaboration

We work directly with your team to craft targets and guidelines—then we go after them.

02. Fit & Scope

IANS recommends the appropriate Purple Team approach and provider, as well as scope and length of engagement.

03. Results & Remediation

Test results are presented in a variety of ways: real-time attack replay, daily standup communications, a final report, and a readout containing business-language strategies for reducing risk.

The IANS approach


Project approach

  • Reconnaissance and scanning: Red team will map the target’s network architecture and systems/software, including open ports and system responses. Blue team will review existing tools and monitors
  • Exploitation: IANS will attack systems and applications to prove that exploitation is possible
  • Purple teaming: Led by onsite IANS faculty, red teams will conduct an attack on the target system(s) while blue teams attempt to detect and block the attack. This will include presentations on tools and technology used in security assessments and defenses
  • Recommendations: IANS faculty will review the exercise to show teams which attacks worked and why, establish a reciprocal understanding between the red and blue teams of all testing elements, and discuss strategies for improvement

Project deliverables

  • Fundamental penetration testing methodologies, tools, and techniques, including Kali, DNSEnum, RIDENUM, Unicorn, Metasploit, Nmap, Responder
  • Basics of open-source tools and technologies and understanding attack avenues
  • Techniques for bypassing security technologies such as whitelisting/blacklisting, anti-virus, and other preventative measures
  • Use of PowerShell and Python to manage and catalog endpoints
  • Indicators of attack and compromise; alerting and logging caused by typical attacks
  • Defensive monitoring systems for parsing and monitoring applications and systems

Exclusive cybersecurity focus

IANS focuses solely on Information Security, helping clients improve security, risk, and compliance programs.

Dedicated project management functions

IANS handles all Project Management and Faculty engagement to ensure smooth delivery and standardized reporting.

Highly skilled, vetted experts

Expertise is what we pride ourselves on. All projects are staffed by expert practitioners with deep, hands-on domain and technical experience.

Multi-level insights

Standardized reporting delivers both technical and executive level insights to help you reduce risk and justify investments to the C-suite.

Accelerated contracting and continued support

Gain access to accelerated contracting and ongoing support post-project completion through your existing subscription Master agreement.