Purple teaming is usually defined as the combination of offensive (red team) and defensive (blue team) cybersecurity expertise. We step it up a notch. For one thing, we build the approach of our Assignments on three core principles: crown jewels, assume breach and train as they fight. For another: we demand your active participation.
We help you define your most critical assets and where they live in your infrastructure. These are what you need to protect the most on a risk-based approach.
We work under the assumption that someday, someone will be able to breach your perimeter defenses and truly put your security posture to the test. So let us help you evaluate your inside defenses before they do.
Your attackers will fight dirty to reach your crown jewels. You should train with that street mentality in mind. Forget the punching bag, step in the ring with us before they do.
Every Purple Team Assignment is conducted by a Squadron: the hacker, the hunter, and the healer. They work closely together and fully trust upon each other's knowledge and skills. Click each to learn more.
The hacker pinpoints weak spots in your technical infrastructure and is NEVER destructive. The hacker converts your crown jewel analysis to PoCs and provides the hunter with essential information to optimise detection.
The hunter can quickly and independently assess which information is needed to determine whether an attacker may already be inside. The hunter pinpoints weaknesses in forensic readiness and incident response processes.
Whereas the hunter and the hacker hunt and attack, the healer converts the results of their work into actionable lessons. The healer has the social skills and technical knowledge needed to include you in the team's findings and explain what is wrong and why.
The lead time will vary depending on the type of Assignment, but all our Assignments (except the Hunt) follow the same five phases.
In the first phase, the Crown Jewel Analysis, we determine what hurts your organisation the most.
Based on this analysis, we enter the second phase: Recon. From this point forward, we act as an advanced attacker. We adapt our red team techniques to the maturity of your organisation, to enable you to truly learn instead of just getting kicked in the nuts.
Enter phase three, the Assessment of your security posture, seen from both hacker's, hunter's and healer's perspective: this is where our Purple Team experience really shines. While we identify weak spots in you security posture, we directly work with you and your security vendors to build better defenses and use cases. True teamwork, for your benefit. Needless to say, this phase requires your active cooperation.
The fourth phase is used to create our deliverables: a Mission Report, Recommendations and a Walkthrough with actionable intelligence on both technical and board level.
Need a pathing for the recommendations and aftercare? We got you covered in phase five as well.
Security begins by training with the best.
Everyday, CTOs roll the dice that their security infrastructure is not exposing priceless data, secrets, and resources. Chapter8 tips the odds in your favor, and helps you protect your most valuable assets.Contact us