In a previous podcast, we discussed purple-teaming as it compares to a conventional penetration test. Let’s now build on that approach, starting with the differences between attack simulation and conventional penetration tests. The methodology of attack simulation is the assumption that the network or a system will become compromised and the current controls will not prevent the infection.
So, how does attack simulation differ from purple-teaming? With purple-teaming, everyone know what controls are being tested and when. The attack simulation is a bit different, as the focus is the emulation of a specific attacker group and their methods of obtaining sensitive data. In this podcast, LBMC Information Security’s Bill Dean discusses attack simulation, or what some people label adversary simulation.
Listen, and discover these key takeaways:
- A brief description of attack simulation
- Key differences between purple-teaming and attack simulation
- Reasons why not all attacker groups target all organizations.
- Why organizations should focus on defending against specific adversary groups that would target them
- Reasons why attack/adversary simulation is the best way for you to see how you would measure up against a nation state attacker group
Subscribe to the Cybersecurity Sense Podcast on iTunes.