Purple teaming in cybersecurity gains traction

SiliconAngle reports that more companies have been conducting purple team cybersecurity threat evaluations, with security penetration testing firm SpecterOps being the latest to create a collaboration between its offensive and defensive cybersecurity teams in testing and defending corporate systems. Realistic attack simulations and partnerships with other security staff are being conducted by purple teams in a bid to bolster organizational prevention, detection, and response to cybersecurity threats, indicating a significant difference from red teams that independently simulate attacks as an external threat actor, said Mandiant Managing Director Evan Pena. Despite the benefits of purple teaming, such an approach may not be suitable for other organizations, according to We Hack Purple founder Tanya Janca. "I wonder how many companies are actually mature enough for effectively using such a service offering. I find that a lot of companies are at the start of their journey, rather than near the end, and purple teaming is a mature activity," Janca added.