Purple Team Assessment

Testing and coaching to improve detection
and response against realistic attack scenarios

hands on laptop

Testing and coaching to improve detection 
and response against realistic attack scenarios

Evaluate your security team’s ability to prevent, detect and respond to cyber attacks through realistic scenarios most relevant to your industry. Using Mandiant’s latest threat intelligence in conjunction with Mandiant Security Validation, our Purple Team Assessment  provides quantifiable evidence of your program’s effectiveness – while coaching your team step-by-step on improvement techniques at each phase of the attack lifecycle.

Improve Detection

Advance your technical defenses to increase breach detection and response effectiveness.

Improve Prevention

Identify gaps in your active and passive cyber security controls for future improvement.

Improve Response

Prepare for real-world cyber incidents, without harmful risks to your business.

Purple Team Assessment Features

Hands-on coaching

Work directly with Mandiant incident responders and red team consultants to test and improve your team’s capabilities at every stage of the attack lifecycle.

Comprehensive testing

Testing aligned with the industry standard MITRE ATT&CK framework.

Customize to your needs

Short- and long-term engagements are available to suit organizational budgets and security program objectives.

Focused recommendations

Receive tactical and strategic guidance on critical processes, technology and operational improvements.

Relevant attack scenarios

Simulate tools, techniques, and procedures (TTPs) from threat groups most active in your industry vertical.

Technology enabled

Emulate real (TTPs) for actual, not hypothetical, scenarios using the Mandiant Advantage Security Validation.

Threat intelligence driven

View scenarios based on the latest attacker behaviors and evasion techniques observed on the frontlines by global responders and red teamers.

Continuous Maturity Improvements

Refine and mature your attack responses with an iterative, repeatable coaching regimen through a continuous purple team assessment.

Our Methodology

The purple team begins by analyzing intelligence to determine the data breaches and threat groups most active in your industry vertical. They use this intelligence to create Security Validation scenarios to emulate the tactics, techniques and procedures (TTPs) used by those groups. This tests your security team’s ability to detect and respond to industry-relevant threats in realistic scenarios.

Your security team works directly with a  Mandiant incident response consultant and red team consultant at each phase of the attack lifecycle in an attempt to detect scenario activities. If malicious activity is detected, the purple team works with your security team to ensure an appropriate response to the detected activity and the existence of procedures to ensure continued success. If malicious activity is not detected, our consultants work with your security team on how to better use existing logging, monitoring, and alerting detection technologies during the next simulation attempt. If uncovered, they will identify areas for technological improvement.

Attack Life Cycle

Related Offerings

Threat Intelligence

Threat Intelligence

Understand the threats Mandiant sees targeting you and your peers.

Security Validation

Security Validation

Continuously test and understand the effectiveness of your security controls.

Attack Surface Management

Attack Surface Management

See your organization through the eyes of the attacker.

Ready to Get Started?

Our security experts are standing by to help you with an incident or answer questions about our consulting and managed detection and response services.