Quarterly threat simulations to improve visibility and trend your defense success metrics.
- Working alongside the red and blue teams, analysing how they work together and recommending any necessary adjustments to the current exercise, or noting them for future.
- Seeing the big picture and assuming the mindset and responsibilities of both teams. For example, a purple team member will work with the blue team to review how events are being detected. The team member will then shift to the red team to address how the blue team’s detection capabilities can be subverted.
- Analysing the results and overseeing necessary remedial actions, e.g. patching vulnerabilities, implementing employee awareness training and;
Ultimately deriving maximum value from the exercise by applying learning and ensuring stronger defences