Access your Pro+ Content below.
Royal Holloway: Purple team playbook – threat modeling for security testing
Sponsored by ComputerWeekly.com
The reality of information security is that it is impossible to completely ensure that an attacker cannot get into the corporate network. Instead, companies should look at how they prepare and react to security attacks by gaining an understanding of how cyber criminals work by combining the talents of red teams and blue teams
Table Of Contents
- Threat modelling and security testing provide a way to first identify the threats and then simulate how an attack can take hold.
- To fully understand the threats, analysts strive to have a full picture of attackers’ capability so that they can be as proactive as possible – one way of doing this is using blue and red teams to spot the gaps in cyber defence.
- A purple team testing framework can allow organisations to leverage existing data on threats, attack techniques, defences and assets, and help security teams to understand how cyber criminals work.