4/20/24
Purple team characteristics
01 Staged scenarios
Stage attack scenarios in your environment to maximize efficiency of the engagement
02 Customized to your threat model
Leverage MITRE ATT&CK framework to design procedures specific to your infrastructure and most valuable digital assets
03 Collaborative vs. adversarial
• Attacking force working directly with your security team
• Ability to rerun attack steps and demonstrate how malicious activity appears in security logs and tools
04 Learning experience
• Understand what attacks look like in real time and through your own security tools
• See firsthand what it looks like when someone bypasses security tools like anti-virus or MFA on your VPN
05 Safe place to experiment
• Run through various scenarios to identify visibility gaps
• Tweak scenarios to validate different perspectives
• Make adjustments to monitoring tools and rerun scenarios to validate improvements