Learn more
This practical introduction to collaborative security testing, or “purple teaming,” is a hands-on, lab-based guide to key methodologies for cybersecurity practitioners in any field. Many organizations have chosen to forgo traditional security tests in favor of collaborative assessments – or “purple team” tests, for the way they combine offensive (“red team”) and defensive (“blue team”) elements – in which offensive and defensive teams work together to measure and improve the organization’s resilience to attacks. Along the way, readers will be introduced to a number of open-source tools for emulating enterprise environments, automating attacks, crafting intelligent alerts, and more. Covers numerous free tools readers could use in their own purple team exercises, offensive frameworks, and defensive technologies.
Table of contents
Introduction
Part I: How Purple Teaming Works
Chapter 1: The Basics of Purple Teaming
Chapter 2: Offensive and Defensive Frameworks
Chapter 3: The Atomic Methodology
Chapter 4: The Scenario-based Methodology
Part II: Attack Emulation and Detection Lab
Chapter 5: Environment Setup
Chapter 6: Collecting Telemetry
Chapter 7: Network Scanning and Event Tracing
Chapter 8: Living-off-the-Land with the Atomic Red Team Library
Chapter 9: Active Directory Recon with the Caldera Framework
Chapter 10: Domain Compromise with the Mythic Framework
Part III: Organizing an Exercise
Chapter 11: Reporting and Tracking
Chapter 12: Implementing Purple Teaming
Appendix A: Supplemental Tables
About the author
Alfie Champion is a seasoned cybersecurity specialist who has fostered and developed purple team functions over the last decade, both with internal teams and while consulting with MWR InfoSecurity. With a strong emphasis on research and training fostered at MWR, Alfie has gone on to deliver talks and workshops at some of the industry’s most prestigious conferences, including BlackHat USA, DEF CON, and RSA. More recently, he has co-founded an email security startup, delivr.to.