SOC / Purple Team Testing
How to find and test your team?
Often, the best way to improve the “blue” team is to work hand-in-hand with the “red” team. This turns into a “purple” teaming engagement, where the red team runs common attack scenarios, such as malware uploads, file extractions, network attacks, and much more with the goal of improving blue team baselining and detection capabilities.
Master Your Vulnerabilities
Know Where You’re Exposed
Every day you’re at risk of costly breaches. And your organization’s vulnerabilities are the path of least resistance for the adversaries who want access to your network and IT environments.
Finding those vulnerabilities is a fundamental part of threat prevention. But is your vulnerability approach up to the task – and is it continuously updated with the latest in threat intelligence as adversaries discover new and potentially more dangerous exploits?
Prioritize with Context
Your vulnerability management solution should not only discover vulnerabilities but prioritize the most critical based on the unique context of your organization and an understanding of where exploitation can cause the most damage.
All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.
• Planning – Customer goals are gathered and rules of engagement obtained.
• Discovery – Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.
• Attack – Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
• Reporting – Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.