WHAT IS PURPLE TEAMING?
Purple teaming can be described as a collaborative mix of red and blue teams: your defensive team are strengthened, informed and trained by the security consultancy’s offensive experts.
Red and Blue teaming can be combined to provide an engagement that focuses on developing defensive capability, thus giving practical and real-world insight into threat actor tactics and how to detect and prevent them.
This involves offensive security experts embedding themselves to varying degrees into the defensive teams, and offering active support and analysis.Ultimately, purple teams help assess the performance of your organization’s defenses, and provide training and direct engagement during the exercise, or feedback to improve detection and response activities.
CONTEXT’S PURPLE TEAMING SERVICE FOCUSES ON
- Working in conjunction with the SOC or blue team
- Providing indicators of compromise to optimize defensive tooling
- Assessing and improving the effectiveness of security controls and processes
- Developing and maturing your defensive capability
Download our fact sheet to find out more about purple teaming and how it compares to other types of security testing: