Webcast: Atomic Purple Team Framework and Life Cycle

Jordan Drysdale & Kent Ickler //



Jordan and Kent are back again to continue strengthening organizations’ information security human capital (That’s all you folks!). Organization Leadership and Security Practitioners can gain understanding on the potential designed-to-fail Purple Teams initiatives never reached their full potential. The Duo reviews how systemic organizational career pathing created an insoluble Red vs Blue dichotomy.

MORE IMPORTANTLY: The team is announcing a recipe for Purple Team Wins:

The Atomic Purple Team (Lifecycle) Framework

Organizations struggling to efficiently leverage the skillsets of all information security staff will benefit from considering the Atomic Purple Team Lifecycle Framework’s business-driven workflow. The workflow takes its roots from tested continuous improvement frameworks like ISO9001, ISO27001, Six Sigma, and the like.

Watch how a methodical balance of risk analysis, attack, hunt and defend methodologies, and business considerations can effectively and continually improve an organizations’ security posture. As an added bonus, the framework incorporates concepts of Human Capital Management and knowledge-flow methodologies to encourage tacit knowledge exchange to further organic growth of the skillsets of all those involved in the Atomic Purple Team framework.

But wait, there’s more! Budget headaches? Learn how the Atomic Purple Team framework’s methodical flow also aligns to natural business operations management and reporting. The framework provides a clear path to cabinet-approved Purple Team budget appropriations to ensure long term security posture improvement.

Lastly, Jordan and Kent will demonstrate the Atomic Purple Team Lifecycle in action by running complete live Attack and Hunt/Defend lifecycle(s), all the way to risk management and budgetary thoughts.

Join the Black Hills Information Security Discord discussion server — https://discord.gg/aHHh3u5

Need slides and much more — https://github.com/DefensiveOrigins/A…

0:00 – Family Stories

1:07 – Atomic Purple Team Framework

3:28 – Executive Problem Statement

4:41 – Red Team, Blue Team, Purple Team

7:18 – Who / What is APT?

9:22 – Atomic Purple Team Lifecycle

18:18 – 1. Threat / Risk Assessment (Ingest) Types

19:59 – 2. Planning — What are the Tools

20:50 – 3. Attack / Execute / Engage

21:37 – 4. Hunt and Defend

22:01 – 5. Adjust & Harden

23:14 – 6. Reporting and Request for Deployment

27:07 – Lifecycles Start in Development

28:15 – Lifecycles End in Production

28:44 – APT Lab INfrastructure

29:48 – Off-Roading: Lab Demo

33:21 – Lifecycle Walkthrough — Goal Setting

34:50 – Purple Team Lifecycle Walkthrough

44:02 – Hunt and Defend Methodology

45:02 – Adjusting to Threat

47:21 – APTLC Playbook

48:49 – The Report

53:15 – Lessons Learned

59:25 – Post-Show Questions



Want to learn more mad skills from the person who wrote this blog?

Check out this class from Kent and Jordan:

Defending the Enterprise

Available live/virtual and on-demand!