Purple Team Simulation
Customized and automated security validation and assurance.
The Purple Team module brings endless options and scale to everyone in the Security Team; Blue Team groups assessing security controls, SOC groups maintaining a watch over critical systems, and Red Team groups planning and executing attacks. The module is fully aligned to the MITRE ATT&CK framework utilizing its de-facto standard taxonomy for the creation, execution, and analysis of assessments.
The module extends automated security visibility and optimization to environments and scenarios that are unique to different organizations, personnel with different job responsibilities, and security professionals of different skill levels.
The module can be used to create and automate recurring assessments tailored to assure policy enforcement, monitor security drift, regression test changes to security controls and to meet compliance requirements.
For service providers, the Purple Team module can make Red Team exercises and pen-testing accessible and achievable to a larger market through customized automation. Automation also increases the operational efficiency of your experts, enabling them to focus on high value tasks; creating scenarios and templates, analyzing the results of an exercise, and providing guidance to improve incident management and response procedures.
|Purple teaming||Blue Team/SOC & Red Team||Adversarial simulations to exercise incident management and security control efficacy|
|Security Assurance Automation / Regression Testing||Blue Team/SOC||Create and automate assurance procedures that ensure changes in IT & security have not impaired security efficacy or policy enforcement|
|Scaling Expertise||Red Team||Create, share, and reuse assessment templates, building blocks and resources; leveraging automation for increased operational efficiency|
|Security validation||Blue Team/SOC||Measure and track security resilience to APT group Tactics, Techniques, and Procedures (TTPs) codified across the MITRE ATT&CK framework|
- Full alignment and end-to-end coverage of the MITRE ATT&CK framework.
- Built-in repository of all applicable ATT&CK techniques and sub techniques.
- Import, create and modify executions, payloads, tools, data sources and assessments
- Execution chaining for input and dependencies.
- Monitor security drift to APTs, ATT&CK techniques and sub techniques.
- Full support of Windows, MacOS, and Linux Operating Systems.