Cloud Purple Team

Specialty test cases that focus on the AWS and Azure control planes, cloud resource compromise, and simulated attacks from compromised cloud infrastructure. Validate the effectiveness of AWS and Azure protection and detection capabilities and identify areas to improve controls in your cloud environment.

Cloud Purple Team Overview

We will collaborate with your team to select, from our library, the Tactics, Techniques and Procedures (TTPs) for the cloud threat simulations, and to define appropriate Azure accounts, user roles, and target services and resources for the testing. We will perform testing across the following areas of the control plane and endpoints:

  • Suspicious Account Activity and Persistence
  • Security Policy and Configuration Changes
  • Data Protection and Exfiltration
  • Cloud Service Discovery and Enumeration
  • Endpoint Security
  • Network Security

Deliverables

SRA will provide the following reports after performing the Cloud Purple Team exercise:

  • Summary Report with Defense Success Metrics Dashboard
  • “Quick Wins” list of improvements that your team can begin right away to improve your Defensive Success
  • Strategic recommendations to improve cloud visibility and detection capabilities

Details

Prep

  • We will guide your installation and configuration of the free VECTR™ tool. We will show you how to use VECTR™ to document, score and report.

Timing

  • 4-5 days (per platform)