Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room
Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that's longer than the exploitation window itself. Nobody in that...
Brandon Adkins’ Career Journey - Taking Chances and Tackling New Challenges
Brandon Adkins is the Manager of our Threat Intelligence & Detection Engineering (TIDE) team. His career journey spans a variety of roles and teams where he has been able to showcase his technical skills in security. Since joining Rapid7, he’s had experience as a Penetration Testing Consultant,...
How Extended Security Posture Management Optimizes Your Security Stack
As a CISO, one of the most challenging questions to answer is "How well are we protected right now?" Between the acceleration of hackers' offensive capabilities and the dynamic nature of information networks, a drift in the security posture is unavoidable and needs to be continuously compensated...
How using the purple team approach helps in addressing cybercrime
By Waqas. Automated purple teaming is one of the best ways to address cybercrime as it does not only test for the deficiencies in existing security controls. This is a post from HackRead.com. Read the original post: How using the purple team approach helps in addressing cybercrime...
Attack Surface Analysis Part 3: Red and Purple Teaming
Part 3: Red and Purple Teaming This is the third and final installment in our 2021 series around attack surface analysis. In part 1 I offered a description and the value and challenge of vulnerability assessment. Part 2 explored the why and how of conducting penetration testing and gave some tips...
How purple teams can embrace hacker culture to improve security
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Matthew Hickey, co-founder, CEO, and writ...
PlexTrac – A Platform for Purple Teaming
PlexTrac is a platform which can be used by internal security teams or consultancies to conduct purple team assessments but it can be used also…
Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting
Threat hunting is a powerful way for the SOC to reduce organizational risk, but it’s commonly portrayed and seen as a complex and mysterious art form for deep experts only, which can be counterproductive. In this and the next blog we will shed light on this important function and recommend simple...
Quick Wins to Combat Data Leaks
Data leakage is a worry. Holding lots of sensitive information about your employees and your customers means that if data is exposed it would be a catastrophe. No one wants to be the next Mossack Fonseca, or Equifax, or Marriott Hotel, or Facebook, or… The majority of clients I speak to tell me...
FudgeC2 - A Collaborative C2 Framework For Purple-Teaming Written In Python3, Powershell And .NET
FudgeC2 is a campaign orientated Powershell C2 framework built on Python3/Flask - Designed for team collaboration, client interaction, campaign timelining, and usage visibility. Note: FudgeC2 is currently in alpha stage, and should be used with caution in non-test environments. Setup Installation...