what-purple-teams-wish-companies-knew

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

What Purple Teams Wish Companies Knew

After analyzing and buttoning up hundreds of cybersecurity incidents in 2022, a group of purple team consultants compared notes to share five of the most common mistakes they’ve observed organizations make.

A purple team is a group of offensive cybersecurity professionals (red team) working in tandem with defending teams (blue team) to improve operations and mitigate threats.

Lares security assessment firm has published its purple-team findings that found companies keep making the same five errors: bad event logging, a lack of offensive security knowledge, maintaining a codependent relationship with the security operations center (SOC), too great a reliance on tools, and excessive outsourcing. Organizations need to pay attention to critical log events so that they don’t overlook signs of malicious activity, to not expect detection and response tools to find all bad actors, and invest in their employees to learn and grow their security skills.

To properly defend their organizations, security professionals need to be aware of the latest threats and how to respond,” Andrew Hay, chief operating officer of Lares, said about the new report. “Security teams also need to be mindful of the potential issues that can arise from their defensive measures.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related News

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

The primary targets of this phishing campaign are located in the Ukrainian regions of Crimea, Donetsk, and Lugansk, which were…
CyberSecure Announces Strategic Alliance

CyberSecure Announces Strategic Alliance

BETHESDA, Md.,¬†March 24, 2023¬†/PRNewswire/ — Cybersecure IPS and LockDown Inc. jointly announce that they have entered a strategic alliance to…
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Researchers from France-based pen-testing firm Synacktiv demonstrated two separate exploits against the Tesla Model 3 this week at the Pwn2Own…