Vulnerability scanning, penetration testing and red teams are the main detective controls for residual cyber risk – i.e. the risk that remains given controls already in place. Vulnerability scanning and penetration testers find potential cyber weaknesses, while red teams map those weaknesses to business risk for existing applications and devices.
Blue teams make up the other side of the risk equation by closing the PDCA (Plan, Do, Check, Act) continuous improvement loop. Blue teams leverage existing detective, preventive and compensating controls to thwart red teams attempts in order to enhance control effectiveness, lower risk and preemptively protect against attack. As I pointed out in my previous post, both red and blue teams are whitebox approaches to risk.
Purple teams combine red and blue approaches to ensure control effectiveness. The value of purple teams is well known, the only problem is that the purple team approach has been too expensive for most companies.
CyBot is an automated purple team, i.e. Harmony-Purple, combining red and blue team capabilities to provide a level of continuous cyber defense previously available only to the most advanced companies. CyBot’s automated purple team puts the next generation of risk based cyber defense in everyone’s reach.