LightCyber Introduces Free Purple Team Assessment to Test Data Breach Readiness

LightCyber Introduces Free Purple Team Assessment to Test Data Breach Readiness
07.10.2016 02:15 pm

LightCyber Introduces Free Purple Team Assessment to Test Data Breach Readiness


-LightCyber, a leading provider of Behavioral Attack Detection solutions, today announced that it is partnering with leading security consulting firms to provide free Purple Team Assessment for determining “data breach fitness” and assess an organization’s ability to detect active network attackers. The exercise combines the Red Team attack simulation by the partner with a Blue Team evaluation using LightCyber Magna Behavioral Attack Detection. The free offer is available through the remainder of 2016.

“In this age of catastrophic data breaches and with the recognition by the majority of security practitioners that they are blind to active attackers lurking on their networks, security assessments must go beyond the basics of vulnerability scans,” said Jason Matlof, executive vice president, LightCyber. “Purple Team testing provides a true measure of one’s ability to detect the operational behaviors of those attackers that inevitably will get into your network.”

As part of the assessment, an experienced Red Team tester from partner service providers will execute covert network attacks, focusing on reconnaissance, lateral movement and data exfiltration. The Red Team tester will utilize the tools, tactics and procedures of real threat actors to simulate an advanced attack and uncover weaknesses in systems and applications while remaining hidden.

Prior to the Red Team activities, LightCyber will deploy its Magna Behavioral appliance in the organization’s network to perform the Blue Team function by monitoring activity and learning the expected behavior of all users and devices. Then, during the attack simulation, one can see if Magna detects the red team attack. At the same time, the exercise checks whether existing infrastructure—such as firewalls, intrusion prevention systems and other security solutions—can spot the malicious activity.

The limited scope Red Team assessment delivers:

  • A high-level risk analysis of system, application and social engineering vulnerabilities
  • Valuable insight into how attackers would operate inside an organization’s network
  • A detailed report of LightCyber Magna security findings
  • An assessment of the organization’s overall security posture
  • Recommendations to improve incident response processes

Insights from Managed Security Service Providers

“The question that any CIO or security leader should be asking is whether or not their organization has the ability to find an active attacker before it’s too late,” said Jim Broome, president, Direct Defense. “The Purple Team exercise illustrates the blind spots that legacy security solutions have and how they hamper a company’s ability to spot and stop a network intruder. These should be a mandatory feature of any security solution for an organization that takes security seriously.”

“The dark ages of security ends with a Purple Team assessment that can determine one’s ability to root out a network attacker,” said Rob Anderson, chief operating officer, Secure Data Solutions, Inc. “Fallout from the massive Yahoo breach should give pause to any security or IT leader to confront their ability to stop an in-progress data breach.”

“The combination of a Red Team and a Blue Team exercise run in parallel provides an extremely valuable test of an organization’s ability to detect network intruders,” said Dominic Genzano, CEO at STIGroup, Ltd. “The lessons learned from this program should be very revealing and extremely valuable to the organization."

“Too many companies don't have the capabilities necessary to identify advanced threats on their network,” said Randy Watkins, director of security architecture, Critical Start. “The Purple Team approach may be quite revealing as to where a company stands in its ability to detect such attack activity.”

Related News

RSA Security Finds Thousands of Domains Containing Words “Coronavirus” and “COVID-19” Were Registered in January 2020

RSA Security’s Fraud & Risk Intelligence (FRI) Unit has today released details of recently-uncovered scams and cybercriminal activity, providing a snapshot of the cyber-... Read more »

Trezeo launches new products to expand its safety net for independent workers

Trezeo today announced a major extension to its existing offering, that enables independent workers to access a wider range of urgently needed product ‘bundles’. Trezeo’s... Read more »

Erste Bank Hungary Improves and Secures the Remote Banking Experience with OneSpan Mobile Security

OneSpan™ (NASDAQ: OSPN), the global leader in securing remote banking transactions, today announced that Erste Bank Hungary, a subsidiary of Erste Group Bank AG, one of the... Read more »

Semafone bolsters security with new PCI DSS certification for Cardprotect Relay+

Semafone®, the leading provider of data security and compliance solutions for call and contact centres, has achieved global... Read more »

Emirates NBD COVID-19 Coronavirus Precautionary Measures

Given the developing situation around the Coronavirus – COVID-19 outbreak, the safety and wellbeing of our customers, our employees and the community, remains our top priority... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel