January 7, 2020 | Posted in Purple Teams by Mike Pinch   International political relationships sometimes have the potential to create an elevated risk of cyber-attacks. In light of recent events, there are escalated concerns about attacks from Iranian based APT groups, but regardless of whether these APT groups make an impact, there will continue […]

May 7, 2019 | Posted in Red Teams, Purple Teams, and GRC by Tim Wainwright and Kevin Foster *Updated October 2, 2019   Red and Purple Teaming serve distinct purposes, and we think NIST CSF backs us up on that. We outline why we believe in starting with Purple Teams to validate Protect and Detect […]

March 21, 2019 | Posted in Blue Teams and Purple Teams by Kyle Sheely   Chances are if you’ve been affected by cybercrime in the past year, you’ve been the victim of a banking trojan. Proofpoint’s latest quarterly threat report notes that over half of all successful email-based attacks were propagated by banking trojans (meanwhile ransomware, once one of the greatest threats to enterprises, came in […]

March 8, 2019 | Posted in Blue Teams, Purple Teams, GRC, and Strategy by Evan Perotti and Mike Pinch   Back in December 2018, MITRE released the first round of its evaluations on EDR tools, including Carbon Black, CounterTack, Crowdstrike, Endgame, RSA, Sentinal One, and Windows Defender.  Specifically, MITRE tested the APT3 threat group (https://attack.mitre.org/groups/G0022/) […]

February 13, 2019 | Posted in Purple Teams by Tim Wainwright This article covers how a Purple Team process done correctly can: Be documented and organized using the free VECTR.io platform (https://vectr.io) and align to MITRE ATT&CK Generate quantitative success defense metrics more meaningful than existing hygiene and hyperbole metrics Change your teams’ attitude and […]