Purple Team Assessment

Testing and coaching to improve detection and response against realistic attack scenarios

Evaluate your security team’s ability to prevent, detect and respond to cyber attacks through realistic scenarios most relevant to your industry. Using FireEye’s latest threat intelligence in conjunction with Verodin’s security instrumentation platform (SIP), our Purple Team Assessment (formerly Red Team for Security Operations) provides quantifiable evidence of your program’s effectiveness – while coaching your team step-by-step on improvement techniques at each phase of the attack lifecycle.

Improve Detection

Advance your technical defenses to increase breach detection and response effectiveness.

Improve Prevention

Identify gaps in your active and passive cyber security controls for future improvement.

Improve Response

Prepare for real-world cyber incidents, without harmful risks to your business.

Purple Team Assessment Features

Hands-on coaching

Work directly with Mandiant incident responders and red team consultants to test and improve your team’s capabilities at every stage of the attack lifecycle.

Comprehensive testing

Testing aligned with the industry-standard MITRE ATT&CK framework.

Customize to your needs

Short- and long-term engagements available to suit organizational budgets and security program objectives.

Focused recommendations

Receive tactical and strategic guidance on critical processes, technology and operational improvements.

Relevant attack scenarios

Simulate tools, techniques, and procedures (TTPs) from threat groups most active in your industry vertical.

Technology enabled

Emulate real TTPs for actual, not hypothetical, scenarios using the FireEye Verodin SIP.

Threat intelligence driven

Scenarios based on the latest attacker behaviors and evasion techniques observed on the frontlines by global responders and red teamers.

Our Methodology

The purple team begins by analyzing intelligence to determine the data breaches and threat groups most active in your industry vertical. They use this intelligence to create Verodin SIP scenarios to emulate the tools, tactics and procedures (TTPs) used by those groups. This tests your security team’s ability to detect and respond to industry-relevant threats in realistic scenarios.

Your security team works directly with a FireEye Mandiant incident response consultant and red team consultant at each phase of the attack lifecycle in an attempt to detect scenario activities. If malicious activity is detected, the purple team works with your security team to ensure an appropriate response to the detected activity and the existence of procedures to ensure continued success. If malicious activity is not detected, our consultants work with your security team on how to better use existing logging, monitoring, and alerting detection technologies during the next simulation attempt. They may also identify areas for technological improvement.

FireEye Mandiant Attack Lifecycle

The purple team tests the client security team’s capabilities against every phase of the attack lifecycle.

Ready to get started?

Our security experts are standing by to help you with an incident or answer questions about consulting services.
