You're reading from Purple Team Strategies Enhancing global security posture through uniting red and blue teams with adversary emulation

Product type Paperback

Published in Jun 2022

Publisher Packt

ISBN-13 9781801074292

Length 450 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

Penetration Testing

Authors (4):

David Routin

Samuel Rossier

Simon Thoores

Michael Molho

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Concept, Model, and Methodology

2. Chapter 1: Contextualizing Threats and Today's Challenges FREE CHAPTER

3. Chapter 2: Purple Teaming – a Generic Approach and a New Model

4. Chapter 3: Carrying out Adversary Emulation with CTI

5. Chapter 4: Threat Management – Detecting, Hunting, and Preventing

6. Part 2: Building a Purple Infrastructure

7. Chapter 5: Red Team Infrastructure

8. Chapter 6: Blue Team – Collect

9. Chapter 7: Blue Team – Detect

10. Chapter 8: Blue Team – Correlate

11. Chapter 9: Purple Team Infrastructure

12. Part 3: The Most Common Tactics, Techniques, and Procedures (TTPs) and Defenses

13. Chapter 10: Purple Teaming the ATT&CK Tactics

14. Part 4: Assessing and Improving

15. Chapter 11: Purple Teaming with BAS and Adversary Emulation

16. Chapter 12: PTX – Purple Teaming eXtended

17. Chapter 13: PTX – Automation and DevOps Approach

18. Chapter 14: Exercise Wrap-Up and KPIs

19. Other Books You May Enjoy

Conventions used

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in the text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Cobalt Strike implements another technique to perform privilege escalation, which is the elevate svc-exe command."

A block of code is set as follows:

geoip {
    fields => [city_name, continent_code, country_code3, country_name, region_name , location]
    source => "source_ip"
    target => "source_geo"
}

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

        <q2:Data>Server=http://wec01.mydomain.com:5985/wsman/SubscriptionManager/WEC,Refresh=3600</q2:Data> 
            </q2:Element> 
        </q2:Value> 
    </q2:ListBox>

Any command-line input or output is written as follows:

#Display a specific subscription in XML format
wecutil gs "Authentication" /format:XML
# Delete subscription
wecutil ds "Authentication"

Bold: Indicates a new term, an important word, or words that you see on screen. For instance, words in menus or dialog boxes appear in bold. Here is an example: "The Knowledge | Tools view allows us to see any relationships."

Tips or Important Notes

Appear like this.

The rest of the chapter is locked

You're reading from Purple Team Strategies Enhancing global security posture through uniting red and blue teams with adversary emulation

Table of Contents (20) Chapters

Conventions used

Unlock this book and the full library FREE for 7 days

Authors (4)

Personalised recommendations for you