Simulate Attacking and Defending Your Network
A lifelike exercise of malicious attacks paired with a test of how your team responds to those scenarios.
Combining Pen Testing and Incident Response
What is Purple Teaming?
Mimic bad actors and see how your response team stacks up
Purple teaming combines red and blue team exercises simultaneously. Red teaming is a form of penetration testing (attack simulation) with no guidelines, making it as real-world as possible without inflicting real damage. Blue teaming is a form of preventative incident response (defense simulation) that tests your response capabilities against red team attacks. Together, they give you a more holistic view of how prepared you are for handling threats.
How does FRSecure approach Purple Teaming?
Starting by doing intel gathering and recon, our team of penentration testers and social engineers use their deep understanding of OSINT, threat landscapes, and attack techniques to find entry points. Once access has been gained, our incident responders work diligently with you and your team to walk through your incident response plan and make live adjustments based on what’s happening in the simulated attack. The end goal is to find and fill gaps in your network, training, and incident response capabilities.
Purple Teaming Steps
We meet with your team, establish rules of engagement, determine what systems to attack, and begin information gathering.
We feel out your environment using the OSINT methodology. Our red team starts probing your environment to identify potential weaknesses that can be used in an attack plan.
Now that the attack plan is in place, the red team begins executing it, adjusting on the fly as needed. Meanwhile, the blue team gets involved to actively defend against this simulated attack.
Purple Teaming FAQ
No installation is required for any penetration testing engagement with us. Our team will bring our own tools, and work with whatever is set up in your tech and network environment.
Find gaps and actionable items based on real world attack methodologies. Gain knowledge and experience for your blue team, teaching them how to defend against these attacks.
A pen test uses a limited scope and only shows you your gaps. Not only does this take a more encompassing approach to finding weeknesses, but it also shows your team how to address those gaps.
Because purple team engagements take a more holistic approach to testing your security practices (including defense), we’d actually recommend you do a purple team before a red team. This will allow you to get an understanding of any shortcomings you may have and shore up your defenses before really poking holes in them. Purple teaming is a more interactive engagement and conveys a little more of a safety net.