Tag: PurpleTeam

Why you should purple team your SOC

Nov 10, 2025 10:20 AM

Tags: attack, blueteam, breach, compliance, detection, metric, penetration-testing, phishing, powershell, PurpleTeam, service, soc, threat, tool, training

. In theory, it’s about collaboration and continual improvement. In practice, it’s often a transactional service run by penetration testing firms focused on two things: proving they can bypass defences and producing a report that looks good in a board pack.That mindset doesn’t help with SOC effectiveness. A single purple team engagement doesn’t build real…
Why you should purple team your SOC

Nov 10, 2025 10:20 AM

Tags: attack, blueteam, breach, compliance, detection, metric, penetration-testing, phishing, powershell, PurpleTeam, service, soc, threat, tool, training

. In theory, it’s about collaboration and continual improvement. In practice, it’s often a transactional service run by penetration testing firms focused on two things: proving they can bypass defences and producing a report that looks good in a board pack.That mindset doesn’t help with SOC effectiveness. A single purple team engagement doesn’t build real…
Simulating Cyberattacks to Strengthen Defenses for Smart Buildings

Nov 7, 2025 12:19 PM

Tags: ai, cyber, defense, iot, PurpleTeam

Smart buildings face rising IoT cyber threats. Learn how simulations, AI, and red or purple teaming can strengthen defenses and improve incident response. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/simulating-cyberattacks-to-strengthen-defenses-for-smart-buildings/
Continuous Purple Teaming: Turning Red-Blue Rivalry into Real Defense

Nov 6, 2025 4:19 PM

Tags: blueteam, control, defense, PurpleTeam

Red and blue teams often operate independently, but attackers don’t. Picus Security shows how continuous purple teaming and BAS turn red-blue rivalry into real defense, validating controls and closing gaps in real time. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/continuous-purple-teaming-turning-red-blue-rivalry-into-real-defense/
Continuous Purple Teaming: Turning Red-Blue Rivalry into Real Defense

Nov 6, 2025 4:19 PM

Tags: blueteam, control, defense, PurpleTeam

Red and blue teams often operate independently, but attackers don’t. Picus Security shows how continuous purple teaming and BAS turn red-blue rivalry into real defense, validating controls and closing gaps in real time. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/continuous-purple-teaming-turning-red-blue-rivalry-into-real-defense/
F5 Security Incident Advisory

Oct 17, 2025 9:09 AM

Tags: access, advisory, application-security, attack, authentication, awareness, backdoor, best-practice, breach, china, cisa, compliance, control, corporate, cve, cvss, cybersecurity, data, data-breach, defense, detection, dos, endpoint, espionage, exploit, finance, flaw, government, group, guide, hacker, Hardware, identity, infrastructure, Internet, Intruder, malicious, malware, mitigation, monitoring, network, phishing, PurpleTeam, radius, rce, remote-code-execution, risk, risk-assessment, security-incident, service, software, strategy, technology, theft, threat, training, unauthorized, update, vulnerability, zero-day, zero-trust

Executive SummaryOn October 15, 2025, F5 Networks publicly disclosed a serious security breach involving a nation-state threat actor. The intruders maintained long-term, persistent access to F5’s internal systems”, specifically the BIG-IP product development environment and engineering knowledge management platforms. F5 first detected unauthorized activity on August 9, 2025, but delayed public disclosure until mid-October as directed by…
Cisco Firewall and VPN Zero Day Attacks: CVE-2025-20333 and CVE-2025-20362

Sep 27, 2025 4:08 PM

Tags: access, advisory, ai, attack, authentication, awareness, backdoor, best-practice, breach, china, cisa, cisco, cloud, compliance, control, cve, cyber, cybersecurity, data, data-breach, defense, encryption, endpoint, espionage, exploit, firewall, firmware, flaw, group, Hardware, identity, infrastructure, Internet, Intruder, login, malicious, malware, mfa, mitigation, monitoring, network, password, phishing, PurpleTeam, radius, risk, risk-assessment, service, software, technology, theft, threat, training, unauthorized, update, vpn, vulnerability, zero-day, zero-trust

IntroductionOn September 25, 2025, Cisco released a security advisory to patch three security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) software, which have been exploited in the wild. These three vulnerabilities are tracked as CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363. The sophisticated state-sponsored campaign has been…
Review: Practical Purple Teaming

Sep 23, 2025 8:16 AM

Tags: guide, PurpleTeam

Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/review-practical-purple-teaming/
Review: Practical Purple Teaming

Sep 23, 2025 8:16 AM

Tags: guide, PurpleTeam

Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/review-practical-purple-teaming/
Lasso Platform Employs AI Agents to Secure AI Applications

Sep 10, 2025 6:02 PM

Tags: ai, blueteam, injection, PurpleTeam, service, vulnerability

Lasso has launched an agentic AI service for purple teaming that secures AI applications before and after deployment. By combining red and blue team functions with autonomous AI agents, the platform detects vulnerabilities like prompt injection and enforces security policies. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/lasso-platform-employs-ai-agents-to-secure-ai-applications/
Hackers Exploit Google Calendar API with Serverless MeetC2 Framework

Sep 5, 2025 10:20 AM

Tags: api, blueteam, cloud, communications, control, cyber, detection, exploit, framework, google, hacker, malicious, PurpleTeam, saas

A novel serverless command-and-control (C2) technique that abuses Google Calendar APIs to obscure malicious traffic inside trusted cloud services. Dubbed MeetC2, this lightweight, cross-platform proof-of-concept demonstrates how adversaries can seamlessly blend C2 communications into everyday SaaS usage, presenting fresh detection, telemetry, and response challenges for red and blue teams alike. In a recent internal purple-team…
Russia-linked PathWiper malware hits Ukrainian infrastructure

Jun 10, 2025 12:55 PM

Tags: apt, attack, backup, cisco, ciso, compliance, control, cyber, detection, endpoint, finance, fortinet, infrastructure, insurance, intelligence, malware, network, PurpleTeam, resilience, risk, russia, tactics, threat, tool, ukraine, vulnerability, zero-trust

Echoes of past attacks: While PathWiper shares tactical similarities with HermeticWiper, its enhanced capabilities reveal a clear evolution in wiper malware sophistication. The new variant employs advanced techniques, such as querying registry keys to locate network drives and dismounting volumes to bypass protections, a stark contrast to HermeticWiper’s simpler approach of sequentially targeting drives numbered…
RSAC Fireside Chat: ‘Purple’ teams dismantle the reactive trap, and can help restore cyber readiness

May 28, 2025 2:55 PM

Tags: cyber, PurpleTeam

Reactive security isn’t just outdated, it’s become a liability. Attackers have figured out how to weaponize speed, and defenders are struggling to keep pace. Related: Mastering adversary emulation At RSAC 2025, I spoke with Derek Manky, Chief… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/rsac-fireside-chat-purple-teams-dismantle-the-reactive-trap-and-can-help-restore-cyber-readiness/
Skyhawk Expands Purple Team to Close Gaps in Custom Cloud App Security

Apr 24, 2025 10:50 PM

Tags: cloud, PurpleTeam

First seen on scworld.com Jump to article: www.scworld.com/news/skyhawk-expands-purple-team-to-close-gaps-in-custom-cloud-app-security
Skyhawk Security brings preemptive cloud app defense to RSAC 2025

Apr 24, 2025 1:50 PM

Tags: ai, cloud, defense, PurpleTeam, update

Skyhawk Security is adding new protection for custom-built cloud applications. The company announced the update to its AI-powered Autonomous Purple Team for RSAC 2025 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/24/skyhawk-security-rsac-2025/
Threat-informed defense for operational technology: Moving from information to action

Apr 2, 2025 5:55 PM

Tags: access, ai, attack, automation, blueteam, cloud, control, crime, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, finance, fortinet, framework, group, incident response, infrastructure, intelligence, law, malicious, malware, mitre, network, phishing, PurpleTeam, ransomware, RedTeam, resilience, risk, service, soar, strategy, tactics, technology, threat, tool, usa

The rise of cybercrime-as-a-service Today’s macro threat landscape is a flourishing ecosystem of cybercrime facilitated by crime-as-a-service (CaaS) models. Cybercriminal networks now operate like legitimate businesses, with specialized units dedicated to activities such as money laundering, malware development, and spear phishing. This ecosystem lowers the barrier to entry for cybercrime, enabling low-skilled adversaries to launch…
Getting the Most Value out of the OSCP: Pre-Course Prep

Feb 12, 2025 5:57 PM

Tags: access, antivirus, attack, compliance, control, credentials, cyber, cybersecurity, detection, exploit, finance, framework, guide, hacker, hacking, infosec, infrastructure, jobs, kali, linux, mandiant, metric, microsoft, mitre, network, organized, password, penetration-testing, PurpleTeam, RedTeam, risk, service, skills, software, tactics, technology, tool, training, vulnerability, windows

The first post in a five-part practical guide series on maximizing the professional, educational, and financial value of the OffSec certification pursuit for a successful career in offensive cybersecurity consulting Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements.…
Top tips for CISOs running red teams

Dec 10, 2024 8:10 AM

Tags: access, attack, business, ciso, control, credentials, data, detection, edr, exploit, finance, flaw, group, guide, identity, infrastructure, jobs, mfa, network, penetration-testing, phishing, PurpleTeam, RedTeam, risk, soc, threat, training, windows

Red team is the de facto standard in offensive security testing when you want to know how all security investments, from technological controls to user training to response procedures, work together when subjected to a targeted attack. Unlike penetration testing, which aims to comprehensively assess a system, or purple team, which assesses detection and response…
Deploy a SOC using Kali Linux in AWS

Nov 25, 2024 6:54 AM

Tags: kali, linux, PurpleTeam, soc

The Kali SOC in AWS project enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/25/kali-soc-aws/
Sicherheitslücken identifizieren, Angriffe abwehren – Purple Teaming: Die nächste Evolutionsstufe der Cyberabwehr

Nov 18, 2024 11:53 AM

Tags: cyberattack, PurpleTeam

First seen on security-insider.de Jump to article: www.security-insider.de/-cybersicherheit-purple-teaming-offensive-defensive-massnahmen-a-0b64aa1ec4efa21e9f2a9d3799d0c6dd/
Bolstering CTEM with AI and Purple Team Security

Oct 23, 2024 9:25 PM

Tags: ai, PurpleTeam

First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/bolstering-ctem-with-ai-and-purple-team-security/
Purple Teaming: Evaluate the Efficacy of Security Controls

Jul 12, 2024 6:55 PM

Tags: control, PurpleTeam, RedTeam

Red teaming is not effective for evaluating the efficacy of preventative or detective security controls, said Jared Atkinson of Specter Ops, but purpl… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/purple-teaming-evaluate-efficacy-security-controls-i-5400
Red Team vs Blue Team vs Purple Team: Differences Explained

May 22, 2024 11:08 AM

Tags: blueteam, PurpleTeam, RedTeam

First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/networks/red-team-vs-blue-team-vs-purple-team/
Top 10 Best Purple Teaming Companies

Feb 29, 2024 12:39 PM

Tags: cybersecurity, PurpleTeam

Purple teaming in cybersecurity refers to a collaborative approach that aims to enhance an organisation’s security posture by integrating the efforts … First seen on itsecurityguru.org Jump to article: www.itsecurityguru.org/2024/02/22/top-10-purple-teaming-companies-uk/
Purple Teaming Pentesting im neuen Gewand

Feb 12, 2024 1:47 AM

Tags: penetration-testing, PurpleTeam

Beim Management der internen Sicherheit gilt es in Unternehmen zahlreiche Methoden und Aspekte zu überblicken. Ein beliebter Ansatz, um die eigene Sic… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/purple-teaming-pentesting-im-neuen-gewand/a33436/
Erweiterte Cyberabwehr: 4 Schritte zum erfolgreichen Purple Team

Dec 27, 2023 5:04 AM

Tags: PurpleTeam

Beim Purple Teaming geht es um die kontinuierliche Stärkung und Anpassung der Cyberabwehr. Im Folgenden finden Sie einige Schritte zur erfolgreichen D… First seen on csoonline.com Jump to article: www.csoonline.com/de/a/4-schritte-zum-erfolgreichen-purple-team