Client Portal
| Become a Client

Red and Purple Teaming

Leverage IANS Faculty practitioners to enhance your system's offensive and defensive cyber strategies.

Ismael Valenzuela, IANS Faculty and coauthor of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering, shares his thoughts on purple teaming.

Identify weaknesses in your systems

Penetration tests are useful. They identify weaknesses in your systems and provide practical advice to reduce risk. But what if your team could watch the attack in progress to understand tactics and techniques used by attackers and learn to recognize them in the future? That is what IANS’ Red and Purple Teaming provides. Led by an IANS Faculty member, the attackers conduct penetration tests to gain a foothold in the target system, and then move within the system to identify targets, exfiltrate data, and cover their tracks.
Get in touch

Our red and purple teaming process

01.

Close Collaboration

We work directly with your team to craft targets and guidelines—then we go after them.

02.

Fit & Scope

IANS recommends the appropriate Red Team approach and provider, i.e. block of hours, scenario-based testing, annual engagement, etc.

03.

Results & Remediation

Test results are presented through quarterly executive readouts and contain business-language strategies for reducing risk.

The IANS approach

Request more information

Project approach

  • Reconnaissance and scanning: Red team will map the target’s network architecture and systems/software, including open ports and system responses. Blue team will review existing tools and monitors
  • Exploitation: IANS will attack systems and applications to prove that exploitation is possible
  • Purple teaming: Led by onsite IANS faculty, red teams will conduct an attack on the target system(s) while blue teams attempt to detect and block the attack. This will include presentations on tools and technology used in security assessments and defenses
  • Recommendations: IANS faculty will review the exercise to show teams which attacks worked and why, establish a reciprocal understanding between the red and blue team of all testing elements, and discuss strategies of improvement

Project deliverables

  • Fundamental penetration testing methodologies, tools, and techniques, including Kali, DNSEnum, RIDENUM, Unicorn, Metasploit, Nmap, Responder 
  • Basics of open-source tools and technologies and understanding attack avenues
  • Techniques to bypassing security technologies such as whitelisting/blacklisting, anti-virus, and other preventative measures
  • Use of PowerShell and Python to manage and catalog endpoints
  • Indicators of attack and compromise; alerting and logging caused by typical attacks
  • Defensive Monitoring systems for parsing and monitoring applications and systems

Our winning formula for cybersecurity consulting

Exclusive cybersecurity focus

IANS focuses solely on Information Security, helping clients improve security, risk, and compliance programs.

Dedicated project managers

IANS handles all project management and Faculty engagement to ensure smooth delivery and standardized reporting.

Highly skilled, vetted experts

All projects are staffed by expert practitioners with deep, hands-on domain and technical experience.

Multi-level insights

Standardized reporting delivers both technical and executive level insights to help you reduce risk and justify investments to the C-suite.

Continued support for clients

IANS clients can access Decision Support tools to ensure smooth implementation once a consulting engagement is complete.

Speak with IANS about red and purple teaming