Participate in a hands-on workshop that simulates both red team and blue team roles in a Purple Team Exercise. Create and execute adversary emulation campaigns using SCYTHE in an isolated environment with a domain controller, member server, and Linux system. Identify Indicators of Compromise and map adversary behaviors to MITRE ATT&CK Tactics, Techniques, and Procedures. Gain practical experience with adversary emulation and blue team tools like Sysmon and WireShark. Learn the fundamentals of the Purple Team Exercise Framework, including threat intelligence, adversary emulation planning, defensive discussions, and creating remediation action plans. Explore how purple teams collaborate to measure and improve defensive security posture across people, processes, and technology.
Overview
Syllabus
#HITBCyberWeek D2 LAB - Hands-On Purple Team Exercises
Taught by
Hack In The Box Security Conference
Related Courses
-
MITRE ATT&CK Defender™ ATT&CK® Adversary Emulation
-
Red Team vs. Blue Team Exercises for ICS - SCADA Security
-
Live Adversary Simulation - Red and Blue Team Tactics
-
Intro to Purple Team - Cyber Threat Intelligence, Attack, Detect, Respond
-
Red Team Adversary Emulation With Caldera
-
MITRE ATT&CK Framework for Offensive and Defensive Operations
