Hands-On: Purple Team Exercise Workshop (Play both Red Team and Blue Team)

Posted on in Presentations

In this two hour hands-on workshop attendees will play the role of both the red and blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise. Attendees will be able to create adversary emulation campaigns and run them in a small environment consisting of a domain controller, member server, and a Linux system. Then they will play the role of the defenders.

This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion, and remind attendees that no comment attribution or recording of any sort should take place.

Attendees will need a web browser on a workstation/laptop (no iPads, sorry)
Read the framework: https://github.com/scythe-io/purple-team-exercise-framework/blob/master/PurpleTeamExerciseFramework.pdf
Watch the non-hands-on workshop: https://vimeo.com/446501220

This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.

Jorge Orchilles


Instructor, Author, Purple Team Ambassador, SANS

Share With Your Community