Certified Purple Team Analyst [CPTA]

• Analyze various host-based attacks with endpoint monitoring solutions
• Analyze various network-based attacks with network device monitoring solutions
• Hunt cyber threats in a realistic enterprise environment
• Collect evidence and investigate cyber attacks using DFIR solutions
• Visualize protocol-level attacks


Red vs Blue Team Joint Operations


with Challenges + References

Enterprise Tools

Security Operations Tools

Become CPTA

Earn Digital Badge + Certificate

CPTA Introduction

In this lab, you will work proactively as a Purple Team member: as a Red Team operator you will perform different attacks, and as a Blue Team member you will identify, detect, analyze and then respond to those attacks in a realistic enterprise environment.

The main aim of this lab is to help the Blue Team identify and detect the latest techniques and tools used by adversaries, analyze and respond to ongoing attacks, and collect evidence for investigation. The Red Team, in turn, will understand how Red Team operations are executed in stealth mode without detection, and will become aware of its visibility to the Blue Team.


Blue Team Highlights

• MITRE Shield integration
• Hands-on work with various SIEM solutions
• Perform real-time operating-system-level vulnerability assessment
• Map each and every attack to the MITRE ATT&CK Framework
• Real-time network traffic visualization
• Understand the various logs generated by Windows and Linux systems

Red Team Highlights

• Simulate attacker TTPs in a realistic environment
• Understand the logs, events and alerts generated by offensive tools
• Identify the latest techniques to bypass different security solutions
• Enhance stealth Red Team skills by analyzing Blue Team activities
• Generate real-time alerts using an automated Red Team framework
• Generate real-time alerts by performing Red Team operations manually
• Bypassing detection of Kerberos-based attacks

CPTA Syllabus Highlights

Introduction to Purple Teaming:

• About Red Teaming
• About Blue Teaming
• About Purple Teaming

Red Team Operations in Simulated Lab:

• Automated Adversary Simulation
• Manual Adversary Simulation
• Utilizing Open-source tools

Purple Team Lab Environment:

• Lab Overview
• Lab Architecture
• Lab Access
• About Enterprise Simulated Environment
• Adversary Simulation
• Adversary Detection
• About Red vs Blue Team Joint Operations

Defensive Operations in Lab:

• Host-based attack detection
• Network-based attack detection
• AD-based attack detection
• Network Traffic Analysis
• Digital Forensics and Incident Response

Purple Team Operations:

• Adversary Simulation Using MITRE ATT&CK Framework
• Adversary Detection using MITRE Shield Framework
• Tactics, Techniques and Procedures (TTPs) Simulation and Detection
• Attack & Defense in Windows Environment
• Attack & Defense in Linux Environment



Understanding of OS, web and network-based attacks

Understanding of SIEM solutions

Familiarity with command-line basics

Certification Procedure:

To earn the CyberWarFare Labs Certified Purple Team Analyst [CPTA] certificate, a candidate must fulfill the criteria below:

Skills Reflected by Certificate Holder:

• Detect a broad range of Tactics, Techniques & Procedures (TTPs) used by Red Teams across the cyber kill chain
• Dormant operational as well as high-tech sophistication employed during offensive engagements
• Enough practical knowledge to combat adversaries and save assets from compromise
• Scale the exposed attack surface and diminish possible attack vectors
• Perform Kerberos-based attacks in a fully patched AD environment
• Respond to a well-planned security incident in an organized and structured way
• One of the most important skills: risk analysis prior to any active breach
• Operating under a zero-trust methodology