Penetration Testing is Evolving

“Purple Teams,” are an opportunity for the Red Team (Penetration Testers) and the Blue Team (Defenders/Network Admins) to sit down and learn from each other.

Critical Insight has been performing Purple Team engagements, or some version of collaborative penetration testing, since they started technical testing. Recently, a medium-sized manufacturing and retail customer wanted a Purple Team engagement to address their PCI and internal security requirements. This customer was keen to quickly remediate discovered vulnerabilities and quickly learn from the exercise.

Within an hour of plugging into the network port in the conference room, the Critical Insight Penetration Tester was capturing hashed passwords. He cracked the passwords and then used the network access to deploy simulated malware. The Network Admin identified the malware and immediately remediated after discussing with Critical Insight.

Critical Insight later noticed the anti-virus software in use at this client was ineffective at stopping common attack tools or simulated malware payloads. The consultant discussed this with the client and reviewed the client’s plans to migrate to a new and more effective anti-malware engine.

With each finding and attack path, Critical Insight took the opportunity to explain to the client the vulnerability, the exploit, and the potential impact. And with each finding, the client was able to discuss mitigation plans and even deploy in real-time simple mitigations to thwart attacker tradecraft.

Organizations that test the technical vulnerabilities of their infrastructure get critical insight into their environments quickly. Critical Insight can conduct regular Penetration Tests or a Purple Team exercise for you.