Operation Purple with Tim Schulz

Operation Purple w/Tim Schulz

Instructor: Tim Schulz
Course Length: 16 Hours

Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.

Operation Purple with Tim Schulz

Course Description

Ever wondered how purple teaming can supercharge your cyber capability? In this 16-hour, hands-on course, attendees will learn the balance between threat understanding and detection understanding to run their own purple team exercises. Attendees will start by learning the underlying methodologies that make purple teaming successful and metrics for success before diving into leveraging the ATT&CK framework to create threat informed emulation plans. Once attendees have successfully built plans, they can leverage tools like SCYTHE or the Slingshot C2 VM to automate the emulation process. Finally, attendees will learn to identify and build detections to their emulated attacks.

Key Takeaways

  • Students will learn how to leverage the MITRE ATT&CK framework as part of their daily
    information security workflow
  • Students will learn how to leverage other resources to inform their adversary emulation
    testing
  • Students will learn how to incorporate cyber threat intelligence to inform their security
    testing
  • Students will learn how to build new detections
  • Students will learn how to assess detections
  • Students will learn how to use purple teaming in a strategic roadmap

Who Should Take This Course

This training is for security analysts, cyber threat intelligence analysts, red teams, and blue teams that want to add more purple teaming to their daily lives.

    Student Skill Level

    Students should have a basic level of understanding of red and blue team concepts

    Student Requirements

    Strong internet connection.

      What Students Should Bring

      •  Laptop with web browser
      • Remote Desktop Protocol (RDP) Client
      • iPads not recommended but we have seen it done before

      What Students Will Be Provided

      • Courseware
      • Purple Team Exercise Framework
      • Adversary Emulation Plans
      • C2 Matrix Virtual Machine
      • Detection rules and cheat sheets

      Trainer & Author

      Tim Schulz
      Tim Schulz

      SCYTHE’s Adversary Emulation Lead, he has been helping organizations build and train teams to understand and emulate cyber threats for the last seven years while working at multiple FFRDCs. He is the author of the Purple Maturity Model, and has given talks on purple teaming, adversary emulation, MITRE ATT&CK, and technical leadership.

      Live Training Events

      There are no sessions of this course currently on our schedule.

      Please keep an eye on the Live Training Calendar page for updates, or Contact Us for a private training session.