Purple-teaming has now become somewhat of a buzzword. However, the effort behind it has great merit and value. The methodology of attack simulation is the assumption that the network or a system will become compromised and the current controls will not prevent the infection. With purple-teaming, everyone know what controls are being tested and when. The attack simulation is a bit different, as the focus is the emulation of a specific attacker group and their methods of obtaining sensitive data.

LBMC Information Security’s Bill Dean outlines purple-teaming, some of the benefits involved with the practice, as well as attack simulation, or what some people label adversary simulation, including:

  • Brief descriptions of purple-teaming and attack simulation
  • How purple-teaming can be beneficial to both penetration testers and defenders
  • Why your penetration tests are not the same as the collaboration involved with purple-teaming
  • Key differences between purple-teaming and attack simulation
  • Reasons why attack/adversary simulation is the best way for you to see how you would measure up against a nation-state attacker group

Download Guide