Hands-On Purple Team Workshops

Register Now
Purple team unicorn

Hands-On Purple Team Workshops

Join us for Hands-On Purple Team Workshops.
In our hands-on workshops you will play the role of Cyber Threat Intelligence, the red team, and the blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise.


Next workshop:
Title: Introduction to Purple Team Exercises Workshop with PTEF
Date: Friday, April 29th
Time 1:00 - 4:00 PM ET

CLICK HERE TO REGISTER

Join our Adversary Emulation Lead, Tim Schulz, for a 3 hour Hands-On Purple Team Exercise Workshop!

**REGISTRATION REQUIRED****Please use a real email address so we can provision your VMware lab environment before the workshop**

In this three hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of Cyber Threat Intelligence, the red team, and the blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework.Attendees will:
• Learn the basics and use Command and Control (C2)
• Consume Cyber Threat Intelligence from a known adversary
• Extract adversary behaviors/TTPs and map to MITRE ATT&CK
• Play the Red Team by creating and executing adversary emulation plans
• Emulate the adversary behaviors in a small environment consisting of a domain controller, member server, and a Linux system
• Play the role of the Blue Team and look for Indicators of Compromise and Behaviors
• Use Wireshark to identify heartbeat and jitter
• Enable Sysmon configurations to detect adversary behavior
• Have FUN!

What do you need?
All you need is a web browser on a workstation/laptop (no iPads, sorry).

If you want to come better prepared, download and read the free Purple Team Exercise Framework (PTEF).

How will it work?
We are using VMware learning platform to give everyone their own isolated environment. This means we need your real email upon registration so we can provision your environment before the start of the workshop.

Join us for Hands-On Purple Team Workshops.
In our hands-on workshops you will play the role of Cyber Threat Intelligence, the red team, and the blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise.


Next workshop:
Title: Intermediate Purple Team Workshop - Detection Engineering
Date: Friday, July 29th
Time 1:00 - 4:00 PM ET

CLICK HERE TO REGISTER

Join Chris Peacock for a three hour Hands-On Purple Team Exercise Workshop focused on Detection Engineering. This is an intermediate level workshop that does not require, but does recommend, you to have taken the Introduction to Purple Team Exercise workshop. If you missed it, we have these every other month, so check our training page to see when the next one is.

The workshop will guide attendees through the detection engineering process. Attendees will take curated threat actor procedures to emulate and detect. The process will include how to determine which log sources to target for investigation. After verifying the appropriate log sources, attendees will learn to hunt through and narrow down results until they have an actionable query to deploy as detection logic.

What do you need?

All you need is a web browser on a workstation/laptop (no iPads, sorry).

If you want to come better prepared, download and read the free Purple Team Exercise Framework (PTEF).

How will it work?
We use the VMware learning platform to give everyone their own isolated environment. This means we need your real email upon registration so we can provision your environment before the start of the workshop.

Default InputDefault Input
Default Input