Purple Team

Customized and automated security validation and assurance.

The Purple Team module brings endless options and scale to everyone in the Security Team: Blue Team groups assessing security controls, SOC groups maintaining a watch over critical systems, and Red Team groups planning and executing attacks. The module is fully aligned to the MITRE ATT&CK framework, using its de facto standard taxonomy for the creation, execution, and analysis of assessments.

The module extends automated security visibility and optimization to environments and scenarios that are unique to different organizations, personnel with different job responsibilities, and security professionals of different skill levels.

The module can be used to create and automate recurring assessments tailored to assure policy enforcement, monitor security drift, regression-test changes to security controls, and meet compliance requirements.

For service providers, the Purple Team module can make Red Team exercises and pen-testing accessible and achievable to a larger market through customized automation. Automation also increases the operational efficiency of your experts, enabling them to focus on high-value tasks: creating scenarios and templates, analyzing the results of an exercise, and providing guidance to improve incident management and response procedures.

| Use Case | Audience | Description |
| --- | --- | --- |
| Purple teaming | Blue Team/SOC & Red Team | Adversarial simulations to exercise incident management and security control efficacy |
| Security Assurance Automation / Regression Testing | Blue Team/SOC | Create and automate assurance procedures that ensure changes in IT & security have not impaired security efficacy or policy enforcement |
| Scaling Expertise | Red Team | Create, share, and reuse assessment templates, building blocks and resources; leveraging automation for increased operational efficiency |
| Security validation | Blue Team/SOC | Measure and track security resilience to APT group Tactics, Techniques, and Procedures (TTPs) codified across the MITRE ATT&CK framework |

Product features:

  • Full alignment and end-to-end coverage of the MITRE ATT&CK framework.
  • Built-in repository of all applicable ATT&CK techniques and sub-techniques.
  • Import, create and modify executions, payloads, tools, data sources and assessments.
  • Execution chaining for input and dependencies.
  • Monitor security drift to APTs, ATT&CK techniques and sub-techniques.
  • Full support of Windows, macOS, and Linux operating systems.
