Introduction to Purple Teaming - SANS@Mic Workshop

Does your organization have penetration testers and a red team? Do they work closely with those performing defensive roles to improve the overall security? Far too often, pen tests and red team engagements are performed, leaving only a list of discovered vulnerabilities with no instructions on how to mitigate the findings. This is where purple teaming can be of great value to an organization. It's not a new team, rather, it's an organized effort to open the communication and working relationship between those on the red and blue sides. Through this process, findings can be identified and tested together, as well as a proper fix. Join me as we take a look at how we can effectively approach purple teaming.