Red and Purple Teaming
Leverage IANS Faculty practitioners to enhance your system's offensive and defensive cyber strategies.
Ismael Valenzuela, IANS Faculty and coauthor of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering, shares his thoughts on purple teaming.
Identify weaknesses in your systems
Penetration tests are useful. They identify weaknesses in your systems and provide practical advice to reduce risk. But what if your team could watch the attack in progress to understand tactics and techniques used by attackers and learn to recognize them in the future? That is what IANS’ Red and Purple Teaming provides. Led by an IANS Faculty member, the attackers conduct penetration tests to gain a foothold in the target system, and then move within the system to identify targets, exfiltrate data, and cover their tracks.
Get in touch
Our red and purple teaming process
01.
Close Collaboration
We work directly with your team to craft targets and guidelines—then we go after them.
The IANS approach
Request more informationProject approach
- Reconnaissance and scanning: Red team will map the target’s network architecture and systems/software, including open ports and system responses. Blue team will review existing tools and monitors
- Exploitation: IANS will attack systems and applications to prove that exploitation is possible
- Purple teaming: Led by onsite IANS faculty, red teams will conduct an attack on the target system(s) while blue teams attempt to detect and block the attack. This will include presentations on tools and technology used in security assessments and defenses
- Recommendations: IANS faculty will review the exercise to show teams which attacks worked and why, establish a reciprocal understanding between the red and blue team of all testing elements, and discuss strategies of improvement
Project deliverables
- Fundamental penetration testing methodologies, tools, and techniques, including Kali, DNSEnum, RIDENUM, Unicorn, Metasploit, Nmap, Responder
- Basics of open-source tools and technologies and understanding attack avenues
- Techniques to bypassing security technologies such as whitelisting/blacklisting, anti-virus, and other preventative measures
- Use of PowerShell and Python to manage and catalog endpoints
- Indicators of attack and compromise; alerting and logging caused by typical attacks
- Defensive Monitoring systems for parsing and monitoring applications and systems
Our winning formula for cybersecurity consulting
Exclusive cybersecurity focus
IANS focuses solely on Information Security, helping clients improve security, risk, and compliance programs.
Dedicated project managers
IANS handles all project management and Faculty engagement to ensure smooth delivery and standardized reporting.
Highly skilled, vetted experts
All projects are staffed by expert practitioners with deep, hands-on domain and technical experience.
Multi-level insights
Standardized reporting delivers both technical and executive level insights to help you reduce risk and justify investments to the C-suite.
Continued support for clients
IANS clients can access Decision Support tools to ensure smooth implementation once a consulting engagement is complete.
Speak with IANS about red and purple teaming
We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Policy.