Build your cyber resilience

Purple Teaming

Strengthen your cyber attack detection and response. Make continuous testing and development part of your cyber operations.

Measurable resilience validation

Fraktal Purple Teaming helps you detect various security issues before adversaries find them. It is a collaborative security testing and validation service where the attacking team of experts (Red team) works in close cooperation with the IT and security teams (Blue Team).

The goal is to test and verify visibility and response of security operations (SOC, EDR, MDR, XDR) as they monitor environments for malicious activity. The test scenarios provide measurable and actionable data that strengthen your cyber resilience.

Highlight case

Elisa: Continuous testing for 50+ months

  • Purple teaming
  • Targeted attack scenarios
  • Tailored dashboard
  • Mapping to MITRE ATT&CK®

Optimized cyber attack detection and response

Your get impartial hard data and metrics on your cyber incident detection and response capability. We support you in building technology, processes, and culture for optimized cyber capabilities and cyber resilience. Our continuous and iterative approach helps your company face the changing threat landscape positively prepared.

Cooperative approach and positive partnership

We are an independent and easy-to-work-with cyber security partner. Our Purple Teaming service is delivered in monthly iterations, starting from scenario planning and execution, and ending with a reporting meeting to grow awareness of the scenarios that have been performed unnoticed. This enables continuous learning and optimization of protection capabilities.

As a client, you don’t need to know exactly what you want to test. We can apply a variety of testing scenarios designed for typical threats that organizations face. Additionally, we develop new scenarios to match threats and attack vectors relevant to the client. Your team can validate their capabilities, engage in continuous learning, and be confident in building cyber resilience.

Why choose Purple Teaming?

  • Visibility on the whole cyber security landscape
  • Independent and continuous testing, quality assurance
  • Can be used in all environments, no technological limitations
  • The service is easy to take into use
  • Impartial hard data: how many attacks have been performed, how many are detected etc.
  • Flexibility, fast reaction to new threats
  • Monthly status update, always up-to-date knowledge
  • Validation of your cyber security capabilities and optimizing them
  • Testing and learning in your own environment
  • The most cost-effective way to develop your defenses and understanding of your detection and response capabilities

The process of Purple Teaming

1

Design

  • Maps the client-relevant needs and expectations.
  • Gives a good understanding of the current situation and creates a good starting point for cooperation.
  • Critical assets and threat scenarios are identified.
2

Setup

  • Our "assume breach" testing assumes a failure of the first defense line.
  • All the client needs to deliver is a standard laptop, setting up a jumphost or an access to the environment.
  • No installations required , Fraktal will find its way around just like adversaries.
3

Calibration

  • Starts with attack surface enumeration that can be used to plan the initial attack scenarios.
  • As the team gets familiar with client environment the attacks will focus on testing existing capabilities and domains that require the most development.
  • Calibration period will initiate the dialog about metrics and getting feedback for new features for the service.
4

Continuous testing

  • Continuous testing with new scenarios based on the relevant threat landscape and attack paths.
  • Real-time information available of the tests performed
  • A dedicated monthly walk-through to detail the technical elements for the defending team.
  • Monthly reporting with metrics agreed with the client.

Continuous information sharing

Every attack and and result is mapped to the industry-standard MITRE ATT&CK framework. This comprehensive coverage not only enhances visibility but also fosters continuous improvement, boosting confidence in your cybersecurity strategy over time.

Contact us for more information

Jani Kallio

jani.kallio@fraktal.fi
+358 40 190 9515