Purple Exercise
Purple Exercise from HighTower is a combination of blue and red team activities aimed at penetration testing of your existing cybersecurity defenses, highlighting any potential breaches and providing team training and solutions that help close these gaps.
Purple Coordinator is your HighTower project manager who helps you define the most probable attack vectors and threat types for your organization and schedules the stress testing for them, which the red team will perform and Blue team would try to find and track.
The Red Team is a group of ethical hackers and penetration testers with a solid background working for antivirus vendors, MSSPs and MDRs, who will emulate attackers, and perform ethical hacking to bypass your controls and test actual effectiveness of your preventive and detection controls. Their goal is to overcome your defenses built by the Blue Team.
- Adversary simulations
- Low and slow attacks
- Blind/non-blind exercises
- Control effectiveness assessment
- Control gap assessment
- Detection content assessment
- Response playbook test
This part of the Purple Exercise is coordinated with you to select the most relevant attack use cases, threats and test how your personnel reacts to them.
The Blue Team part of this war game is comprised of seasoned cybersecurity veterans with ample experience in configuring and running security controls for digital assets. They act as defenders, performing long-term preparations and updates to your cybersecurity controls to enable effective response and prevention of attacks. Their goal is to detect and mitigate the attack from the Red Team.
- Logging capability audit
- Detection content development
- Detection content onboarding
- Detection capability assessment
- Adversary tracking
- Threat response
- Red/Blue analyst assessment & training
This part of the Purple Exercise is coordinated with you to ensure the proper security controls, processes and people are in place.
As a result of engaging in this assessment, you will get drastically improved visibility into your cybersecurity landscape and will be able to minimize the potential attack surface while receiving a team better equipped to repel the attacks.