Philadelphia, PA – April 7, 2026 – Security Risk Advisors (SRA) is proud to announce that active participation in its Purple Team exercises is now recognized as an eligible Continuing Professional Education (CPE) activity by GIAC and ISC2. This exciting development allows cybersecurity professionals to earn CPE credits while simultaneously enhancing their organization’s detection and response capabilities.
Hands-On Learning That Makes a Difference
Unlike traditional CPE activities such as attending conferences, watching webinars, or completing online courses, SRA’s Purple Team exercises offer a unique, hands-on experience. Participants, including analysts, engineers, and incident responders, engage directly in their organization’s live production environment, working against real-world attack techniques and procedures (TTPs) executed by SRA’s expert red team operators.
Rather than passively observing, participants actively monitor live attacks in their Security Information and Event Management (SIEM) system, assess detection capabilities, and identify gaps. This adversary-focused learning approach ensures that the skills gained during the exercise are immediately applicable, empowering teams to respond effectively when real incidents occur.
Key Benefits of SRA Purple Team Exercises
Participants in SRA’s Purple Team exercises gain:
- Direct experience with MITRE ATT&CK-mapped techniques tailored to their organization’s threat landscape.
- Insight into detection gaps across tools such as Endpoint Detection and Response (EDR), SIEM, and data lakes.
- Structured documentation of results in VECTR™, providing a foundation for future improvements.
- CPE credits applicable toward GIAC and ISC2 certification maintenance.
Earn Up to 15 CPE Credits
SRA’s standard Purple Team engagements involve approximately 15 hours of active participation, translating to up to 15 CPE credits per participant. This is a significant contribution toward certification renewal for professionals holding GIAC certifications (e.g., GPEN, GCIH, GCFA) or ISC2 credentials (e.g., CISSP, SSCP, CCSP).
Streamlined Documentation and Submission
To support participants in claiming their CPE credits, SRA provides a certificate that includes:
- Participant name
- Activity name
- Engagement dates
- Hours of participation
- A justification summary
For GIAC certifications, the activity is categorized under Cyber Ranges, with a limit of 12 CPEs per renewal. ISC2 members can claim Group A credits within the Education category, with 1 CPE per hour of active learning directly relevant to their certification domains.
Learn More
Organizations interested in exploring Purple Team services or building a tailored program can reach out to SRA for more information about the approach, tools, and benefits.
Note: Participants must attend at least 80% of the Purple Team sessions to qualify for CPE credits. Attendance is monitored through periodic spot checks.
About Security Risk Advisors
Security Risk Advisors is a leading cybersecurity consulting firm specializing in innovative solutions to strengthen organizations’ security posture. With expertise in Purple Team exercises, threat resilience, and detection engineering, SRA empowers teams to stay ahead of evolving cyber threats.
For media inquiries, please contact:
Doug Webster | info@sra.io