Purple Team Assessment
Testing and coaching to improve detection
and response against realistic attack scenarios
Testing and coaching to improve detection and response against realistic attack scenarios
Evaluate your security team’s ability to prevent, detect and respond to cyber attacks through realistic scenarios most relevant to your industry. Using Mandiant’s latest threat intelligence in conjunction with Mandiant Security Validation, our Purple Team Assessment provides quantifiable evidence of your program’s effectiveness – while coaching your team step-by-step on improvement techniques at each phase of the attack lifecycle.
Improve Detection
Advance your technical defenses to increase breach detection and response effectiveness.
Improve Prevention
Identify gaps in your active and passive cyber security controls for future improvement.
Improve Response
Prepare for real-world cyber incidents, without harmful risks to your business.
Purple Team Assessment Features
Hands-on coaching
Work directly with Mandiant incident responders and red team consultants to test and improve your team’s capabilities at every stage of the attack lifecycle.
Comprehensive testing
Testing aligned with the industry standard MITRE ATT&CK framework.
Customize to your needs
Short- and long-term engagements are available to suit organizational budgets and security program objectives.
Focused recommendations
Receive tactical and strategic guidance on critical processes, technology and operational improvements.
Relevant attack scenarios
Simulate tools, techniques, and procedures (TTPs) from threat groups most active in your industry vertical.
Technology enabled
Emulate real (TTPs) for actual, not hypothetical, scenarios using the Mandiant Advantage Security Validation.
Threat intelligence driven
View scenarios based on the latest attacker behaviors and evasion techniques observed on the frontlines by global responders and red teamers.
Continuous Maturity Improvements
Refine and mature your attack responses with an iterative, repeatable coaching regimen through a continuous purple team assessment.
Our Methodology
The purple team begins by analyzing intelligence to determine the data breaches and threat groups most active in your industry vertical. They use this intelligence to create Security Validation scenarios to emulate the tools, tactics and procedures (TTPs) used by those groups. This tests your security team’s ability to detect and respond to industry-relevant threats in realistic scenarios.
Your security team works directly with a Mandiant incident response consultant and red team consultant at each phase of the attack lifecycle in an attempt to detect scenario activities. If malicious activity is detected, the purple team works with your security team to ensure an appropriate response to the detected activity and the existence of procedures to ensure continued success. If malicious activity is not detected, our consultants work with your security team on how to better use existing logging, monitoring, and alerting detection technologies during the next simulation attempt. If uncovered, they will identify areas for technological improvement.
Related Offerings
Threat Intelligence
Understand the threats Mandiant sees targeting you and your peers.
Security Validation
Continuously test and understand the effectiveness of your security controls.
Attack Surface Management
See your organization through the eyes of the attacker.
Ready to Get Started?
Our security experts are standing by to help you with an incident or answer questions about our consulting and managed detection and response services.