Certified Purple Team Analyst

Course Overview:

  • Analyse various host-based attacks with endpoint monitoring solutions
  • Analyse various network-based attacks with network device monitoring solutions
  • Hunt cyber threats in a realistic enterprise environment
  • Collect evidence and investigate cyber attacks using DFIR solutions
  • Visualize protocol-level attacks
  • Red vs Blue Team Joint Operations
  • Dedicated Dashboard for Realistic Challenges
  • Enterprise-Focused Security Monitoring Software
  • Badge + Certificate: Purple Team Specialist

Introduction:

In this lab you will work as a Purple Team member: as a Red Teamer you will perform different attacks, and as a Blue Teamer you will identify, detect, analyse and then respond to those attacks in a realistic enterprise environment.

The main aim of this lab is to help Blue Teamers identify and detect the latest techniques and tools used by adversaries, analyse and respond to ongoing attacks, and collect evidence for investigation. Red Teamers, in turn, will learn to execute Red Team operations stealthily, without detection, and will become aware of how visible their activity is to the Blue Team.

Blue Team Highlights:

MITRE Shield integration
Hands-on experience with various SIEM solutions
Perform real-time operating-system-level vulnerability assessment
Map each and every attack to the MITRE ATT&CK framework
Real-time network traffic visualization
Understand the various logs generated by Windows and Linux systems

Red Team Highlights:

Simulate attacker TTPs in a realistic environment
Understand the logs, events and alerts generated by offensive tools
Identify the latest techniques to bypass different security solutions
Enhance stealth Red Team skills by analysing Blue Team activities
Generate real-time alerts using an automated Red Team framework
Generate real-time alerts by performing Red Team operations manually
Bypass detection of Kerberos-based attacks

Syllabus Highlights:

The Purple Team Analyst course is divided into the 5 main modules listed below.

Introduction to Red Teaming:

  • About Red Teaming
  • About Blue Teaming
  • About Purple Teaming

Red Team Lab setup:

  • Lab Overview
  • Lab Architecture
  • Lab Access
  • About Enterprise Simulated Environment
  • Adversary Simulation
  • Adversary Detection
  • About Red vs Blue Team Joint Operations

Red Team Operations in Simulated Lab:

  • Automated Adversary Simulation
  • Manual Adversary Simulation

Red Teaming in Internal Environment:

  • Host-based attack detection
  • Network-based attack detection
  • AD-based attack detection
  • Network Traffic Analysis
  • Digital Forensics and Incident Response

Red Team Operations in Simulated Lab:

  • Adversary Simulation Using MITRE ATT&CK Framework
  • Adversary Detection using MITRE Shield Framework
  • Tactics, Techniques and Procedures (TTPs) Simulation and Detection
  • Attack & Defense in Windows Environment
  • Attack & Defense in Linux Environment

Pre-Requisites:

  • Eagerness to learn
  • Understanding of OS, web and network-based attack monitoring
  • Understanding of SIEM solutions

Skills Reflected by Certificate Holder:

  • Detect a broad range of Tactics, Techniques and Procedures (TTPs) used by Red Teams across the cyber kill chain
  • Recognise both low-and-slow operational tradecraft and highly sophisticated tooling employed during offensive engagements
  • Enough practical knowledge to defend assets against compromise by adversaries
  • Measure the exposed attack surface and reduce possible attack vectors
  • Perform Kerberos-based attacks in a fully patched Active Directory environment
  • Respond to a well-planned security incident in an organised and structured way
  • Perform risk analysis prior to any active breach, one of the most important skills
  • Operate under a zero-trust methodology

Copyright ©2021 CyberWarFare Labs. All Rights Reserved