Overview
Participate in a hands-on workshop that simulates both red team and blue team roles in a Purple Team Exercise. Create and execute adversary emulation campaigns using SCYTHE in an isolated environment with a domain controller, member server, and Linux system. Identify Indicators of Compromise and map adversary behaviors to MITRE ATT&CK Tactics, Techniques, and Procedures. Gain practical experience with adversary emulation and blue team tools like Sysmon and WireShark. Learn the fundamentals of the Purple Team Exercise Framework, including threat intelligence, adversary emulation planning, defensive discussions, and creating remediation action plans. Explore how purple teams collaborate to measure and improve defensive security posture across people, processes, and technology.
Syllabus
#HITBCyberWeek D2 LAB - Hands-On Purple Team Exercises
Taught by
Hack In The Box Security Conference