MP4 | Video: H264 1920x1080 | Audio: AAC 48000Hz 2 Ch
Language: English | Duration: 25+ hours | Size: 4.14 GB
In this four-day course, the attendees will walk through the Purple Team Exercise Framework, learning each role that plays a part in purple team engagements. Students will learn to collect Cyber Threat Intelligence (CTI), develop and conduct Adversary Emulation plans based on gathered intelligence, then dive into detection engineering to identify and resolve missed detection opportunities. Each day is a dive into one of the roles, and the course will conclude with a capstone that puts it all together in a purple team engagement. This intermediate-level course aims to broaden the students' understanding of purple team engagements' different roles and responsibilities and is geared towards red teamers, blue teamers, intelligence analysts, and managers looking to expand their purple team capabilities.
Day 1
Introductions
Module 1: Intro to Purple
Module 2: Threat/Adversary Emulation
Module 3: Intro to Threats
Module 4: Threat Modeling
Module 5: Threat Analysis
Module 6: Emulation Plans
Day 2
Module 7: Exercise Methodologies
Module 8: Testing Tools
Module 9: Capability Management
Module 10: Capability Development
Module 11: Adaptive Emulation
Module 12: Exercise Execution
Day 3
Module 13: Strategic Drivers of Detection Engineering
Module 14: Detection Engineering Process
Module 15: Common Detection Opportunity Types
Day 4
Module 16: An Exercise Framework (PTEF)
Module 17: Capstone Prep
Capstone Project (CTF)
KEY TAKEAWAYS
Students will learn how to develop adversary emulation plans
Students will learn how to build and assess detections
Students will learn how to perform purple team exercises in an interactive or automated fashion
WHO SHOULD TAKE THIS COURSE
This training is for security analysts, cyber threat intelligence analysts, red teams, and blue teams that want to add more purple teaming to their daily lives.
STUDENT REQUIREMENTS
Intermediate level understanding of red or blue team concepts.
WHAT STUDENTS SHOULD BRING
Laptop with web browser
Remote Desktop Protocol (RDP) Client
