
Purple Teaming Services

JUMPSEC threat-led purple teaming. Unparalleled assurance for your critical assets through a collaborative security approach and real-world attack simulation.

Why is Purple Teaming So Effective?

Even within the realm of adversarial simulation (i.e. red teaming, purple teaming, attack path management), JUMPSEC considers purple teaming to be an outlier in how effective it can be in rapidly improving an organisation’s security standards.

Each adversarial simulation engagement is valuable in the right context. If you’ve recently released a new website that is an entirely new code base, then you would be best to pursue a penetration test. On the other hand, if you have been consistently improving your security posture for a sustained period and want to assess the true exploitability of your estate, then a covert red team would best answer that question.

But if you want to see real-world improvement in your security posture, a purple team engagement is uniquely positioned to apply an adversarial (or ‘red team’) mindset to each of your critical assets, taking a collaborative approach to simultaneously strengthen your defensive ‘blue team’ capability. This provides you insight and assurance that simply is not possible with a penetration test or red team exercise.

Typical offensive services struggle to make a lasting impact because they provide an exhaustive, and often overwhelming, list of fixes to be implemented. Only in a collaborative purple team engagement can you make iterative improvements to security controls whilst having them validated in real time, reducing the time and cost required to achieve a security posture capable of withstanding a real-world attack.

What Can a Purple Teaming Company Identify?

On a typical 4-6 week engagement, JUMPSEC will on average:

Define and validate ~30 attack paths (10 internal, 22 external)
Simulate 100+ common TTPs across the MITRE ATT&CK framework
Create and validate 63 custom test cases related to the client's critical assets and greatest concerns
Discover ~20 previously unidentified vulnerabilities
Create and validate ~35 custom detections in the client estate
Identify a further 20 detection opportunities for future exploration

Internal security teams do not wait for our technical report to address our findings. Several security gaps can be fixed as they emerge in tandem, without disrupting the flow of a typical adversarial simulation.

Your security team respond to a sustained attack from a persistent and sophisticated live threat, whilst gaining the insight required to remediate and validate risks on the spot. This means your defensive team plays an integral part in the success of the engagement. That knowledge transfer between red and blue teams can significantly uplift the technical expertise of your security operations, which is essential for long-term organisational resilience. 

How Purple Teaming Works

JUMPSEC typically conduct purple team engagements over five phases:

What are the Key Project Outcomes with Purple Teaming?

Cover several attack paths to your critical assets, not simply the path of least resistance.

Simulate adversaries at all levels of sophistication. JUMPSEC replicate the threats posed to your business, from unsophisticated actors to nation-state threat actors.

Inform the development of adjacent capabilities such as incident containment and response use cases for specific high-risk attack scenarios.

Actively support long-term knowledge transfer and improve collaboration between offensive and defensive security teams.

Comprehensively validate that your security controls and tooling are working as intended, from granular EDR analysis to the speed and accuracy of your managed service security functionality.

What Our Clients Say ...

“Recently we engaged a comprehensive purple team exercise. Working collaboratively with JUMPSEC Blue and Red Teams we were able to make real time improvements to our security posture. This included implementing technical solutions, tweaking detections and finding innovative ways to compromise a system. The advantages of working in this collaborative manner through a purple team engagement far outweigh approaches taken in a traditional PenTest.”

Groupe Atlantic, UK

Resources

Recommended

The Under Appreciated Value of Purple Teaming

Having recently finished an extensive and eye-opening purple team engagement, I took some time to reflect on the sheer amount of ground that we had covered in just 6 short weeks…


Butting Heads With a Threat Actor on an Engagement

At the time of writing I am enjoying some non-billable time in the wake of a demanding engagement spanning across several months. As such, I thought it would be a good time to write…

Securing against new offensive techniques abusing Active Directory Certificate Service

What is Purple Teaming?

Purple teaming gets its name from the combined effort of both the blue (defensive) and red (offensive) teams.

Achieve the cyber security outcomes you need.

We work to enable effective cyber security for our clients; helping them to future proof their cyber defences and realise genuine improvement over time.