Purple Teaming
Leverage IANS Faculty practitioners to enhance your team's ability to detect real-world attacks.
Ismael Valenzuela, IANS Faculty and coauthor of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering, shares his thoughts on purple teaming.
Identify weaknesses in your systems
Penetration tests are useful. They identify weaknesses in your systems and provide practical advice to reduce risk. But what if your team could watch the attack in progress to understand tactics and techniques used by attackers and learn to recognize them in the future? That is what IANS’ Red and Purple Teaming provides.
Get in touch
Our purple teaming process
01.
Fit & Scope
IANS recommends the appropriate Purple Team approach and provider, as well as scope and length of engagement.
The IANS approach
Request more informationProject approach
- Reconnaissance and scanning: Red team will map the target’s network architecture and systems/software, including open ports and system responses. Blue team will review existing tools and monitors
- Exploitation: IANS will attack systems and applications to prove that exploitation is possible
- Purple teaming: Led by onsite IANS faculty, red teams will conduct an attack on the target system(s) while blue teams attempt to detect and block the attack. This will include presentations on tools and technology used in security assessments and defenses
- Recommendations: IANS faculty will review the exercise to show teams which attacks worked and why, establish a reciprocal understanding between the red and blue team of all testing elements, and discuss strategies of improvement
Project deliverables
- Fundamental penetration testing methodologies, tools, and techniques, including Kali, DNSEnum, RIDENUM, Unicorn, Metasploit, Nmap, Responder
- Basics of open-source tools and technologies and understanding attack avenues
- Techniques to bypassing security technologies such as whitelisting/blacklisting, anti-virus, and other preventative measures
- Use of PowerShell and Python to manage and catalog endpoints
- Indicators of attack and compromise; alerting and logging caused by typical attacks
- Defensive Monitoring systems for parsing and monitoring applications and systems
Our winning formula for cybersecurity consulting
Exclusive cybersecurity focus
IANS focuses solely on Information Security, helping clients improve security, risk, and compliance programs.
Dedicated project management functions
IANS handles all Project Management and Faculty engagement to ensure smooth delivery and standardized reporting.
Highly skilled, vetted experts
Expertise is what we pride ourselves on. All projects are staffed by expert practitioners with deep, hands-on domain and technical experience.
Multi-level insights
Standardized reporting delivers both technical and executive level insights to help you reduce risk and justify investments to the C-suite.
Accelerated contracting and continued support
Gain access to accelerated contracting and ongoing support post-project completion through your existing subscription Master agreement.
Speak with IANS about red and purple teaming
We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Policy.