Practical Purple Teaming

Many organizations have chosen to forgo traditional security tests in favour of collaborative assessments - or 'purple team' tests, for the way they combine offensive ('red team') and defensive ('blue team') elements - in which offensive and defensive teams work together to measure and improve the organization's resilience to attacks. Practical Purple Teaming outlines common purple team methodologies, offensive and defensive frameworks, and real-world threat research to craft realistic test cases. Readers will use a dedicated lab environment to execute attacks common to the modern threat landscape, then consider ways of tuning defences to detect and prevent the activity. Along the way, they'll be introduced to a number of open-source tools for emulating enterprise environments, automating attacks, crafting intelligent alerts, and more. Covers numerous free tools readers could use in their own purple team exercises, offensive frameworks, and defensive technologies.