top of page
24a.png

INTRO TO PURPLE TEAM OPERATIONS

Anchor 1

BRIDGING THE GAP BETWEEN OFFENSE AND DEFENSE: MASTER THE ART OF PURPLE TEAM OPERATIONS 

Threat intelligence done right.

This course is focused on using comprehensive threat modeling to determine the most likely avenue of approach for an adversary by evaluating and analyzing the unique topology of a network. Students will learn to analyze data through the scope of cyber adversaries for pertinent indicators of compromise within endpoint and network appliances, traffic analysis, data analysis and more. This analysis will reveal likely target network infrastructure and coverage gaps. This course couples offensive security concepts with blue team defensive strategies to maximize the allocation of cyber resources, placing the squarely in the path of the would-be attacker.

​

Course Objective

Intro to Purple Team Operations (TI-II) builds on the concepts introduced in the CIAO TI-I course. Strategic network defense relies on understanding your risks and the likely attack vectors within your environment. Through analysis of the threats and your own infrastructure, the most pervasive security issues become clear. In this course, students will develop a clear picture of the threats that must be prioritized, develop comprehensive strategies for how to develop a practical defense in depth policy & apply that strategy to thwarting the most likely cyber attacks.

OVERVIEW

3unnamed.jpg

Target audience: This course is designed for technical network defenders tasked with the strategic planning and implementation of their network defense resources.

​

Prerequisites

Cyber Intelligence Analytics and Operations (CIAO TI-I) strongly recommended

 

Length: Approx 35 Hours of Instruction

 

Completion: Course Certification

Unit 1: Intelligence Driven Operations

  • Module 1.1: Intelligence Operations Overview

    • Planning/Direction

    • Intelligence Driven Operations

    • Collection and Exploitation

    • Analysis and Reporting

  • Module 1.2: Cyber Risk Analysis

    • Analyzing your Target Network

    • System Baselining

    • Determining Likelihood & Impact

  • Module 1.3: Threat Modeling

    • Threat Modeling and Gap Analysis

    • Recon & Enumeration

    • Intrusion, Persistence & Escalation

    • Actions on the Objective

    • Motives and Opportunities (Vulnerabilities)

 

Unit 2: Channeling the Adversary

  • Module 2.1:Historic Attacks

    • Attack Analysis

      • Campaign phases (opportunities for action)

    • Operationalizing Hindsight

    • Introduction to Ethical Hacking

      • Penetration Testing

      • Exploits and Red Teaming

  • Module 2.2: Actioning the Avenue of Approach

    • Testing Current Defenses

    • Pivoting the Attack Campaign

    • Bypassing Defensive Measures

  • Module 2.3: Introduction to Malware Analysis

    • Orientation

    • Sandboxing

    • Content and String Analysis

 

Unit 3: Closing in on the Adversary

  • Module 3.1: Targeted Risk Treatment

      • Prevention

    • Whitelisting/Group Policies

    • Attack Phase Prevention

      • OS Specific Threat Hunting

      • Detection

    • Traffic Analysis

  • Module 3.2: Introduction to Threat Hunting

    • Operational Overview

      • Tools and VMs

    • OS Specific Threat Hunting

    • Hunting on the Network

      • Networking Overview: Protocols and Data

      • Log Analysis vs. Active Data

      • Centralized Logging

  • Module 3.3: Platforms and Reporting

    • Operations Notes

      • Hotwash/After Action

    • Reporting

      • Platforms vs Traditional

  • Cyber Intelligence Analytics and Operations - 60 Day Online, Self Paced Training
    Cyber Intelligence Analytics and Operations - 60 Day Online, Self Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is available for online for 60 days from registration with weekly live cohorts & concludes with a certificate of training.
  • Purple Team Cyber Operations (TI-II)
    Purple Team Cyber Operations (TI-II)
    Tue, Jan 18
    Live Virtual, Instructor-Led
    Jan 18, 2022, 8:00 AM MST – Jan 22, 2022, 4:00 PM MST
    Live Virtual, Instructor-Led
    Jan 18, 2022, 8:00 AM MST – Jan 22, 2022, 4:00 PM MST
    Live Virtual, Instructor-Led
    In this course, students will develop a clear picture of the threats that must be prioritized, develop comprehensive strategies for how to develop a practical defense in depth policy & apply that strategy to thwarting the most likely cyber attacks.
  • Network and Security Foundations - Virtual Instructor Led (vILT)
    Network and Security Foundations - Virtual Instructor Led (vILT)
    Multiple Dates
    Mon, Jan 03
    Every Monday & Wed for 8 Weeks, Virtual
    Jan 03, 2022, 8:00 AM MST – Feb 23, 2022, 4:00 PM MST
    Every Monday & Wed for 8 Weeks, Virtual
    Jan 03, 2022, 8:00 AM MST – Feb 23, 2022, 4:00 PM MST
    Every Monday & Wed for 8 Weeks, Virtual
    Bootcamp style course to learn the networking and security foundations necessary to begin a career in Cybersecurity. Every Monday and Wednesday for a period of 8 Weeks. Prepares students for industry standard certifications such as Net+/Sec+
  • Network and Security Fundamentals
    Network and Security Fundamentals
    Tue, Jan 05
    Boise, ID, USA
    Jan 05, 2021, 8:30 AM – Feb 23, 2021, 4:30 PM
    Boise, ID, USA
    Jan 05, 2021, 8:30 AM – Feb 23, 2021, 4:30 PM
    Boise, ID, USA
    Bootcamp style course to learn the networking and security foundations necessary to begin a career in Cybersecurity. Every Monday and Wednesday for a period of 8 Weeks. Prepares students for industry standard certifications such as Net+/Sec+
  • Network and Security Fundamentals for TI & SOC Analysis - Virtual Instructor Led (vILT)
    Network and Security Fundamentals for TI & SOC Analysis - Virtual Instructor Led (vILT)
    Tue, Sep 15
    Zoom Virtual Event
    Sep 15, 2020, 8:30 AM MDT – Sep 26, 2020, 4:30 PM MDT
    Zoom Virtual Event
    Sep 15, 2020, 8:30 AM MDT – Sep 26, 2020, 4:30 PM MDT
    Zoom Virtual Event
    Learn networking and security foundations necessary to conduct meaningful and contextual threat intelligence/SOC operations in this comprehensive course.
  • Cyber Intelligence Analytics and Operations - VILT
    Cyber Intelligence Analytics and Operations - VILT
    Mon, Jun 22
    Virtual Instructor Led Training
    Jun 22, 2020, 9:00 AM MDT – Jun 26, 2020, 5:00 PM MDT
    Virtual Instructor Led Training
    Jun 22, 2020, 9:00 AM MDT – Jun 26, 2020, 5:00 PM MDT
    Virtual Instructor Led Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is 5 days of instructor-led training and concludes with a certificate of training.
  • Cyber Intelligence Analytics and Operations - VILT
    Cyber Intelligence Analytics and Operations - VILT
    Mon, May 18
    Virtual Instructor Led Training
    May 18, 2020, 8:30 AM MDT – May 22, 2020, 4:30 PM MDT
    Virtual Instructor Led Training
    May 18, 2020, 8:30 AM MDT – May 22, 2020, 4:30 PM MDT
    Virtual Instructor Led Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is 5 days of instructor-led training and concludes with a certificate of training.
  • Cyber Intelligence Analytics and Operations - VILT
    Cyber Intelligence Analytics and Operations - VILT
    Mon, Apr 27
    Online, Virtual Instructor-Led Training
    Apr 27, 2020, 8:30 AM MDT – May 01, 2020, 5:30 PM MDT
    Online, Virtual Instructor-Led Training
    Apr 27, 2020, 8:30 AM MDT – May 01, 2020, 5:30 PM MDT
    Online, Virtual Instructor-Led Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is 5 days of instructor-led training and concludes with a certificate of training.
  • Network and Security Fundamentals for TI & SOC Analysis
    Network and Security Fundamentals for TI & SOC Analysis
    Tue, Jan 07
    Boise, ID, USA
    Jan 07, 2020, 7:30 AM – Jan 11, 2020, 4:30 PM
    Boise, ID, USA
    Jan 07, 2020, 7:30 AM – Jan 11, 2020, 4:30 PM
    Boise, ID, USA
    Learn networking and security foundations necessary to conduct meaningful and contextual threat intelligence/SOC operations in this comprehensive course.
  • Cyber Intelligence Analytics and Operations (1)
    Cyber Intelligence Analytics and Operations (1)
    Tue, Nov 26
    Boise, ID, USA
    Nov 26, 2019, 8:30 AM MST – Nov 30, 2019, 4:30 PM MST
    Boise, ID, USA
    Nov 26, 2019, 8:30 AM MST – Nov 30, 2019, 4:30 PM MST
    Boise, ID, USA
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations.
  • Security Awareness Training
    Security Awareness Training
    Sat, Nov 09
    Boise, ID, USA
    Nov 09, 2019, 9:00 AM – 4:00 PM
    Boise, ID, USA
    Nov 09, 2019, 9:00 AM – 4:00 PM
    Boise, ID, USA
    This course seeks to provide a foundation in best security practices for non-IT and security personnel. Train your workforce in security awareness with the team that specializes in analyzing the threats present in today's threat landscape.
  • Cyber Intelligence Analytics and Operations
    Cyber Intelligence Analytics and Operations
    Tue, Oct 22
    Boise, ID, USA
    Oct 22, 2019, 8:30 AM MDT – Oct 26, 2019, 4:30 PM MDT
    Boise, ID, USA
    Oct 22, 2019, 8:30 AM MDT – Oct 26, 2019, 4:30 PM MDT
    Boise, ID, USA
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations.
upcoming

upcoming cIAO Courses

  • Cyber Intelligence Analytics and Operations - 60 Day Online, Self Paced Training
    Cyber Intelligence Analytics and Operations - 60 Day Online, Self Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Access granted once registered
    Online, Self-Paced Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is available for online for 60 days from registration with weekly live cohorts & concludes with a certificate of training.
  • Purple Team Cyber Operations (TI-II)
    Purple Team Cyber Operations (TI-II)
    Tue, Jan 18
    Live Virtual, Instructor-Led
    Jan 18, 2022, 8:00 AM MST – Jan 22, 2022, 4:00 PM MST
    Live Virtual, Instructor-Led
    Jan 18, 2022, 8:00 AM MST – Jan 22, 2022, 4:00 PM MST
    Live Virtual, Instructor-Led
    In this course, students will develop a clear picture of the threats that must be prioritized, develop comprehensive strategies for how to develop a practical defense in depth policy & apply that strategy to thwarting the most likely cyber attacks.
  • Network and Security Foundations - Virtual Instructor Led (vILT)
    Network and Security Foundations - Virtual Instructor Led (vILT)
    Multiple Dates
    Mon, Jan 03
    Every Monday & Wed for 8 Weeks, Virtual
    Jan 03, 2022, 8:00 AM MST – Feb 23, 2022, 4:00 PM MST
    Every Monday & Wed for 8 Weeks, Virtual
    Jan 03, 2022, 8:00 AM MST – Feb 23, 2022, 4:00 PM MST
    Every Monday & Wed for 8 Weeks, Virtual
    Bootcamp style course to learn the networking and security foundations necessary to begin a career in Cybersecurity. Every Monday and Wednesday for a period of 8 Weeks. Prepares students for industry standard certifications such as Net+/Sec+
  • Network and Security Fundamentals
    Network and Security Fundamentals
    Tue, Jan 05
    Boise, ID, USA
    Jan 05, 2021, 8:30 AM – Feb 23, 2021, 4:30 PM
    Boise, ID, USA
    Jan 05, 2021, 8:30 AM – Feb 23, 2021, 4:30 PM
    Boise, ID, USA
    Bootcamp style course to learn the networking and security foundations necessary to begin a career in Cybersecurity. Every Monday and Wednesday for a period of 8 Weeks. Prepares students for industry standard certifications such as Net+/Sec+
  • Network and Security Fundamentals for TI & SOC Analysis - Virtual Instructor Led (vILT)
    Network and Security Fundamentals for TI & SOC Analysis - Virtual Instructor Led (vILT)
    Tue, Sep 15
    Zoom Virtual Event
    Sep 15, 2020, 8:30 AM MDT – Sep 26, 2020, 4:30 PM MDT
    Zoom Virtual Event
    Sep 15, 2020, 8:30 AM MDT – Sep 26, 2020, 4:30 PM MDT
    Zoom Virtual Event
    Learn networking and security foundations necessary to conduct meaningful and contextual threat intelligence/SOC operations in this comprehensive course.
  • Cyber Intelligence Analytics and Operations - VILT
    Cyber Intelligence Analytics and Operations - VILT
    Mon, Jun 22
    Virtual Instructor Led Training
    Jun 22, 2020, 9:00 AM MDT – Jun 26, 2020, 5:00 PM MDT
    Virtual Instructor Led Training
    Jun 22, 2020, 9:00 AM MDT – Jun 26, 2020, 5:00 PM MDT
    Virtual Instructor Led Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is 5 days of instructor-led training and concludes with a certificate of training.
  • Cyber Intelligence Analytics and Operations - VILT
    Cyber Intelligence Analytics and Operations - VILT
    Mon, May 18
    Virtual Instructor Led Training
    May 18, 2020, 8:30 AM MDT – May 22, 2020, 4:30 PM MDT
    Virtual Instructor Led Training
    May 18, 2020, 8:30 AM MDT – May 22, 2020, 4:30 PM MDT
    Virtual Instructor Led Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is 5 days of instructor-led training and concludes with a certificate of training.
  • Cyber Intelligence Analytics and Operations - VILT
    Cyber Intelligence Analytics and Operations - VILT
    Mon, Apr 27
    Online, Virtual Instructor-Led Training
    Apr 27, 2020, 8:30 AM MDT – May 01, 2020, 5:30 PM MDT
    Online, Virtual Instructor-Led Training
    Apr 27, 2020, 8:30 AM MDT – May 01, 2020, 5:30 PM MDT
    Online, Virtual Instructor-Led Training
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations. This class is 5 days of instructor-led training and concludes with a certificate of training.
  • Network and Security Fundamentals for TI & SOC Analysis
    Network and Security Fundamentals for TI & SOC Analysis
    Tue, Jan 07
    Boise, ID, USA
    Jan 07, 2020, 7:30 AM – Jan 11, 2020, 4:30 PM
    Boise, ID, USA
    Jan 07, 2020, 7:30 AM – Jan 11, 2020, 4:30 PM
    Boise, ID, USA
    Learn networking and security foundations necessary to conduct meaningful and contextual threat intelligence/SOC operations in this comprehensive course.
  • Cyber Intelligence Analytics and Operations (1)
    Cyber Intelligence Analytics and Operations (1)
    Tue, Nov 26
    Boise, ID, USA
    Nov 26, 2019, 8:30 AM MST – Nov 30, 2019, 4:30 PM MST
    Boise, ID, USA
    Nov 26, 2019, 8:30 AM MST – Nov 30, 2019, 4:30 PM MST
    Boise, ID, USA
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations.
  • Security Awareness Training
    Security Awareness Training
    Sat, Nov 09
    Boise, ID, USA
    Nov 09, 2019, 9:00 AM – 4:00 PM
    Boise, ID, USA
    Nov 09, 2019, 9:00 AM – 4:00 PM
    Boise, ID, USA
    This course seeks to provide a foundation in best security practices for non-IT and security personnel. Train your workforce in security awareness with the team that specializes in analyzing the threats present in today's threat landscape.
  • Cyber Intelligence Analytics and Operations
    Cyber Intelligence Analytics and Operations
    Tue, Oct 22
    Boise, ID, USA
    Oct 22, 2019, 8:30 AM MDT – Oct 26, 2019, 4:30 PM MDT
    Boise, ID, USA
    Oct 22, 2019, 8:30 AM MDT – Oct 26, 2019, 4:30 PM MDT
    Boise, ID, USA
    Learn the facets of intelligence analysis and how to utilize it to perform ongoing cyber operations to scrutinize intrusions and conduct proactive investigations.

training solutions

We offer online and instructor led training solutions using our own highly adaptive, tailored platform to optimize student learning and retention.

Threat Intelligence Certification Program

Network and Security Fundamentals Course

Introduction to Purple Team Security Operations

Chess King
Pawn

Intel driven Digital Forensics Investigations

Intel led Orchestration and Automation (SOAR)

Custom Cybersecurity Training (Contact)

bottom of page