fbpx
TCM Security is offering free Active Directory Health Checks to any company with 10 or more employees. To inquire, please contact us here.

SOC / Purple Team Testing

Often, the best way to improve the “blue” team is to work hand-in-hand with the “red” team.  This turns into a “purple” teaming engagement, where the red team runs common attack scenarios, such as malware uploads, file extractions, network attacks, and much more with the goal of improving blue team baselining and detection capabilities.

Our team of engineers will work closely with your blue team to pick attack scenarios for the assessment. A playbook of options will be provided however we can also tailor attacks based on client needs.

Often, the best way to improve the “blue” team is to work hand-in-hand with the “red” team.  This turns into a “purple” teaming engagement, where the red team runs common attack scenarios, such as malware uploads, file extractions, network attacks, and much more with the goal of improving blue team baselining and detection capabilities.

Our team of engineers will work closely with your blue team to pick attack scenarios for the assessment. A playbook of options will be provided however we can also tailor attacks based on client needs.

Our Methodology

All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.

Planning

Customer goals are gathered and rules of engagement obtained.

Discovery

Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.

Attack

Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.

i

Reporting

Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.

Thorough Testing

Scenarios performed during purple team testing include, but are not limited to:

  • Admin account creation detection
  • Sensitive file exfiltration detection
  • Endpoint security detection
  • Command and control (C2) detection
  • Evil twin detection
  • Credential dumping detection
  • Remote access tool detection
  • Active Directory attack detection
  • Other testing depending on specific customer content and footprint

Thorough Testing

Scenarios performed during purple team testing include, but are not limited to:

  • Admin account creation detection
  • Sensitive file exfiltration detection
  • Endpoint security detection
  • Command and control (C2) detection
  • Evil twin detection
  • Credential dumping detection
  • Remote access tool detection
  • Active Directory attack detection
  • Other testing depending on specific customer content and footprint

Thorough Testing

Scenarios performed during purple team testing include, but are not limited to:

  • Admin account creation detection
  • Sensitive file exfiltration detection
  • Endpoint security detection
  • Command and control (C2) detection
  • Evil twin detection
  • Credential dumping detection
  • Remote access tool detection
  • Active Directory attack detection
  • Other testing depending on specific customer content and footprint

Proudly Trusted By:

Sample Pentest Report

See The Results We Can Deliver To You. No Email Required.

See How We Can Secure Your Assets

Let’s talk about how TCM Security can solve your cybersecurity needs. Give us a call, send us an e-mail, or fill out the contact form below to get started.

 

tel: (877) 771-8911 | email: info@tcm-sec.com