Enemy Within - Leveraging Purple Teams for Advanced Threat Detection and Prevention

Explore advanced threat detection and prevention techniques in this 51-minute conference talk from BSidesLV. Learn to bridge the gap between Cyber Threat Intelligence and Offensive Security by leveraging Purple Teams. Discover the importance of cross-functional collaboration with Detection Engineering and Red Team operations while examining challenges in Threat Intelligence and Purple Team operations. Address common issues faced by offensive security and threat intel teams, including securing management buy-in and improving testing efficiency. Gain insights into executing realistic operations and fostering positive relationships between offensive security and threat intel resources. Witness live demos of real-world adversary examples, such as web shells and EvilGinx, and explore open-source tools for streamlining efforts. Understand the importance of security investment and learn strategies to gain support from key stakeholders with financial resources and decision-making authority. Examine limitations of existing frameworks in keeping pace with real-world threats and discover open-sourced tooling created by Meta's Purple Team to address these challenges. Presented by Jayson Grace and Adam Bradbury, this talk offers valuable insights for cybersecurity professionals seeking to enhance their organization's threat detection and prevention capabilities.