
David Routin - Purple Team Strategies: Enhancing global security posture through uniting red and blue teams with adversary emulation


David Routin Purple Team Strategies: Enhancing global security posture through uniting red and blue teams with adversary emulation
  • Book:
    Purple Team Strategies: Enhancing global security posture through uniting red and blue teams with adversary emulation
  • Author:
  • Publisher:
    Packt Publishing
  • Genre:
  • Year:
    2022
  • Rating:
    4 / 5

Purple Team Strategies: Enhancing global security posture through uniting red and blue teams with adversary emulation: summary, description and annotation


Leverage cyber threat intelligence and the MITRE framework to enhance your prevention mechanisms, detection capabilities, and learn top adversarial simulation and emulation techniques

Key Features
  • Apply real-world strategies to strengthen the capabilities of your organization's security system
  • Learn to not only defend your system but also think from an attacker's perspective
  • Ensure the ultimate effectiveness of an organization's red and blue teams with practical tips
Book Description

With small to large companies focusing on hardening their security systems, the term purple team has gained a lot of traction over the last couple of years. Purple teams represent a group of individuals responsible for securing an organization's environment using both red team and blue team testing and integration. If you're ready to join or advance their ranks, then this book is for you.

Purple Team Strategies will get you up and running with the exact strategies and techniques used by purple teamers to implement and then maintain a robust environment. You'll start with planning and prioritizing adversary emulation, and explore concepts around building a purple team infrastructure as well as simulating and defending against the most trendy ATT&CK tactics. You'll also dive into performing assessments and continuous testing with breach and attack simulations.

Once you've covered the fundamentals, you'll also learn tips and tricks to improve the overall maturity of your purple teaming capabilities along with measuring success with KPIs and reporting.

With the help of real-world use cases and examples, by the end of this book, you'll be able to integrate the best of both sides: red team tactics and blue team security measures.

What you will learn
  • Learn and implement the generic purple teaming process
  • Use cloud environments for assessment and automation
  • Integrate cyber threat intelligence as a process
  • Configure traps inside the network to detect attackers
  • Improve red and blue team collaboration with existing and new tools
  • Perform assessments of your existing security controls
Who this book is for

If you're a cybersecurity analyst, SOC engineer, security leader or strategist, or simply interested in learning about cyber attack and defense strategies, then this book is for you. Purple team members and chief information security officers (CISOs) looking at securing their organizations from adversaries will also benefit from this book. You'll need some basic knowledge of Windows and Linux operating systems along with a fair understanding of networking concepts before you can jump in, while ethical hacking and penetration testing know-how will help you get the most out of this book.

Table of Contents
  1. Contextualizing Threats and Today's Challenges
  2. Purple Teaming - a Generic Approach and a New Model
  3. Carrying Out Adversary Emulation with CTI
  4. Threat Management - Detecting, Hunting, and Preventing
  5. Red Team Infrastructure
  6. Blue Team - Collect
  7. Blue Team - Detect
  8. Blue Team - Correlate
  9. Purple Team Infrastructure
  10. Purple Teaming the ATT&CK Tactics
  11. Purple Teaming with BAS and Adversary Emulation
  12. PTX - Purple Teaming eXtended
  13. PTX - Automation and DevOps Approach
  14. Exercise Wrap-Up and KPIs

Purple Team Strategies

Enhancing global security posture through uniting red and blue teams with adversary emulation

David Routin

Simon Thoores

Samuel Rossier

BIRMINGHAM - MUMBAI

Purple Team Strategies

Copyright © 2022 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Vijin Boricha

Publishing Product Manager: Vijin Boricha

Senior Editor: Tanya D'cruz

Content Development Editor: Yasir Ali Khan

Technical Editor: Arjun Varma

Copy Editor: Safis Editing

Project Coordinator: Shagun Saini

Proofreader: Safis Editing

Indexer: Tejal Daruwale Soni

Production Designer: Shyam Sundar Korumilli

Senior Marketing Coordinator: Hemangi Lotlikar

Marketing Coordinator: Sourodeep Sinha

First published: May 2022

Production reference: 1190522

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

ISBN 978-1-80107-429-2

www.packt.com

Contributors
About the authors

David Routin became interested in computer security at a young age. He started by learning about old-school attack methods and defense against them in the 1990s with Unix/Linux systems. He now has over two decades of experience and remains passionate about both sides of security (offensive and defensive). He has made multiple contributions to the security industry in different forms, from the MITRE ATT&CK framework, the SIGMA project, and vulnerability disclosures (Microsoft) to public event speaking and multiple publications, including articles in the French MISC magazine.

As a security professional, he has held multiple positions, including security engineer, open source expert, CISO, and now security operations center (SOC) and Purple Team manager at e-Xpert Solutions. Over the last 10 years, he has been in charge of building and operating multiple SOCs for MSSPs and private companies in various sectors (including industry, pharma, insurance, finance, and defense).

His domains of expertise are SOC creation, SIEM technologies, use case development, Blue teaming, incident response for large-scale critical incidents, and forensic (SANS GCFA/GCIH certifications) and applied norms (ISO 27001 and PCI-DSS company certifications).

Special thanks to my co-authors and friends for taking up this challenge.

To my bosses, Cédric and Christian @e-Xpert Solutions, thank you for your trust and your support.

This book is dedicated to my family for their love, patience, and flawless support. Thank you, Marie, Elisa, and Alexandre.

Simon Thoores is a cybersecurity analyst who specializes in forensics and incident response. He started his career as a security analyst after obtaining an engineering diploma in information system architecture with a focus on security. He built his forensics and reverse engineering skills during large-scale incident responses, and he finally validated these skills with GCFA. Then, he moved to the threat intelligence field to better understand and emulate attackers in order to improve infrastructure security.

I want to thank my wife, Alix, for her boundless support and trust, and I also want to thank my family for their encouragement and help. Finally, I want to thank my former and current colleagues for their help and our late-night discussions about our common passion.

We would also like to thank Dimitri Cognet for his contribution to the book as a DevOps specialist.

Samuel Rossier is currently SOC lead within a government entity where he focuses on detection engineering, incident response, automation, and cyber threat intelligence. He is also a teaching assistant at the SANS Institute. He was previously responsible for a private bank group CIRT, and also worked as an SOC manager within an MSSP. He also spent several years within a consulting cybersecurity practice.

Samuel currently holds a master's degree in information systems and several information security certifications, including GRID, GMON, eCIR, eCTHP, eCRE, eNDP, and eJPT.

He is also a contributor to the MITRE D3FEND and SIGMA frameworks and likes to speak at conferences and analyze malware. He values a strong emphasis on the people dimension of cybersecurity by sharing knowledge.

Thanks to my family, friends, and colleagues for their guidance and support. Thanks to my two sons, who are challenging me every day to be a better father. Thanks to my friends and co-authors for this amazing cybersecurity journey we are sharing together. Finally, I'd like to thank my beloved wife for her love, patience, and encouragement, and for always believing in me.

About the reviewers

Ludovic Paillard is co-founder and CTO at Soluss. He worked for several years as an analyst and engineer in an SOC. Ludovic is also involved in the training of computer science students. He is enthusiastic about data analysis and specializes in the Elastic Stack. His motto is, "Make security actionable and accessible to all."

I would like to thank my wife, Yumi, for her indefectible support. I would also like to thank my partners, Sébastien and Sofiane, for the entrepreneurial adventure we share.

Finally, I would like to thank my former colleagues, who have been a source of inspiration and learning: Jérémy, Rémi, Samuel, and Simon.

Philip Pieterse is an information security consultant and manager with more than 20 years of experience in network and information security. Philip has led and supported the creation and deployment of penetration testing programs for global customers operating in multiple industries, including government and banking.

He has in-depth experience in developing comprehensive, customized penetration testing programs, including Red Team emulations. As a leader, he is highly skilled in establishing training and mentoring initiatives to cultivate high-performance teams.

Philip holds a master's degree in network and information security and has extensive training and certifications, including GXPN and GCPN through SANS and CISSP from ISC.

I want to thank my lovely wife, Celeste, and our three beautiful children, Connor, Cameron, and Zoey, for their continuous support and tolerance. You are always ready to pursue the next dream and push me to accomplish my goals. Thank you, I love you.
