PURPLE is the color that is always in season - at least when it comes to cyber security. PURPLE is the result of the synergetic interaction between our two IT security teams RED and BLUE. Behind this are teams that spoil the fun for global hackers with a powerful and comprehensive security strategy. The famous statements "attackers are always ahead" and "defenders are always behind" are now a thing of the past. While our RED team takes an offensive and proactive approach, the BLUE team works defensively.
Purple Team
CANCOM's RED team and BLUE team work synergistically for more cyber security.
BLUE team? This team is made up of security analysts and experts from our own Cyber Defense Center (CDC) and is responsible for security monitoring, incident response and threat hunting. The exchange of knowledge between the RED and BLUE teams is particularly important. As a result, various attack vectors can be tested and analyzed in ever new and more intensive ways.
What does offensive mean? The RED team focuses on vulnerability assessments, social engineering and physical security. Penetration tests, extended social engineering campaigns (such as "spear phishing") and Red Team simulations are carried out on a regular basis. A realistic threat model is created using specifically developed attack scenarios in order to uncover vulnerabilities and thus create transparency in our customers' IT environments.
The RED team's experience from the assessments and the in-house development of new attack scenarios keep the BLUE team at the CDC constantly up to date with the latest threats. The primary objective here is to ensure the best possible preparation for preventing attacks and sustainable case clarification.
In return, the monitoring and analysis findings of the BLUE team support the RED team. As a result, new techniques are developed that make it possible to audit customer environments successfully and undetected, even with existing protection mechanisms.
These techniques and strategies are tested extensively in an in-house laboratory, refined and run through in different variants. The knowledge gained is then implemented at the customer's premises so that they are always armed against the latest security threats.
Purple strategy
- The in-house RED and BLUE teams and the symbiotic PURPLE approach clearly differentiate us from other providers
- CANCOM customers who use the Cyber Defense Center are continuously monitored by the in-house RED team
- Identification of possible attack scenarios and vulnerabilities by the RED team
- Optimal monitoring by the CDC
Contact
CANCOM Austria