Purple & Gold Teams
Attack & Incident Response
Our purple and gold teams help you evaluate your organisation’s ability to respond to cyber incidents in a satisfactory manner, by working with your blue teams and crisis management teams, respectively.
These assessments help you improve your organisation’s ability to contain cyber incidents and train your personnel in making educated decisions in the build up to, or in the middle of, a cyber incident – thus increasing your chances of avoiding a full-blown crisis.
The purple and gold teams will help you answer questions such as:
- Is our organisation’s crisis management team able to efficiently manage a cyber incident?
- Are our existing controls sufficient to prevent a large scale incident?
- Is our SOC team sufficiently equipped and trained to identify and respond to attacks?
During a Purple Team assessment, we will: :
- Assess your Blue Team’s ability to identify and respond to the various stages of an attack. This is done with full knowledge of the Red Team’s activities and includes realistic simulations of different scenarios and threat actors
- Provide a complete timeline of all attack and response activities
- Recommend improvements in people skills, processes and technology, prioritised by impact on your security posture and feasibility
During a Gold Team assessment, we will:
- Deliver a cyber crisis simulation that includes interactive scenarios and forces your crisis management team to make crucial decisions under severe time pressure. This is an interactive exercise that is based on realistic scenarios tailored to your organisation – which are prepared by our incident management experts and can optionally include inputs from earlier Black or Red Team engagements
- Evaluate your crisis management team’s decision-making, risk assessment, communication (internal and external), reporting requirements and record-keeping – and identify areas of improvement