Purple Teaming – the simulation of real-world digital attack scenarios as on-the-job training for the digital defenders – delivers insights for any organization, regardless of its size or digital maturity.
Purple Teaming provides clarity about organisational, process and technical weaknesses surrounding your most valuable assets. It provides strategic, tactical and operational solutions for these weaknesses, preferably within the resources already available.
Valuable assets. Every organization has them. During the intake we define together what your most valuable assets are and where they live within your infrastructure. We will then help you detect, respond and mitigate adequately during a digital attack on these crown jewels.
Our years of experience have taught us that a hacker with sufficient time and resources will always be able to break through your perimeter and into your network. That's why we operate under this assumption and always start out with a basic level of access. In doing so, we are actually effectively putting your responsiveness to digital incidents to the test.
Your attackers will play dirty tricks to reach your crown jewels. The best way to prepare for this is to train with a street fighter mentality in mind. Forget the punching bag, get in the ring with us before they do.
Each mission is carried out by a Squadron: the Hacker, the Hunter and the Healer. They work closely together and rely completely on each other's knowledge and skills. Click on each role to learn more about it.
The Hacker handles the offensive side, translates the Crown Jewel analysis into possible attack scenarios and provides the Hunter with essential information related to detection.
The Hunter analyses what information is needed to determine whether an attacker may already be in the network and identifies weaknesses in incident response and logging and monitoring: your forensic readiness.
The Healer translates the results of Hacker and Hunter into concrete recommendations at a strategic, tactical and operational level and supports Hacker and Hunter operationally where necessary.
Every assignment is tailor-made, because no company network or cyber resilience level is the same. In order to create an overview and structure for both our Squadron and your organisation, each assignment does follow the same five phases.
1. In the first phase, the Crown Jewel Analysis, we determine what would hit your organization the hardest: your most valuable assets and where they live in your infrastructure.
2. Based on this analysis, we enter the second phase: Reconnaissance. From this point on, we act like advanced attackers and map the network.
3. The third phase involves the analysis of your overall cyber resilience. While the Hacker identifies weaknesses in your security, the Hunter and Healer work with your security team and vendors to hone defense techniques and processes. Real teamwork that yields immediate results.
4. We use the fourth phase to deliver our documents: a mission report, recommendations and a walkthrough with pragmatic tools at both technical and boardroom level.
5. Do you need a roadmap or more guidance after the Purple Team Assignment? In the fifth phase, the aftercare, Chapter8 has your back as well.