Introduction to Purple Team Exercises Workshop with PTEF


Join SCYTHE's Adversary Emulation Lead, Tim Schulz, for a 3 hour Hands-On Purple Team Exercise Workshop!

**REGISTRATION REQUIRED**
**Please use a real email address so we can provision your VMware lab environment before the workshop**

In this three hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of Cyber Threat Intelligence, the red team, and the blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework.

Attendees will:

• Learn the basics and use Command and Control (C2)
• Consume Cyber Threat Intelligence from a known adversary
• Extract adversary behaviors/TTPs and map to MITRE ATT&CK
• Play the Red Team by creating and executing adversary emulation plans
• Emulate the adversary behaviors in a small environment consisting of a domain controller, member server, and a Linux system
• Play the role of the Blue Team and look for Indicators of Compromise and Behaviors
• Use Wireshark to identify heartbeat and jitter
• Enable Sysmon configurations to detect adversary behavior
• Have FUN!

What do you need?
All you need is a web browser on a workstation/laptop (no iPads, sorry). If you want to come better prepared, download, read, and watch the free Purple Team Exercise Framework (PTEF) and webcast:
https://www.scythe.io/ptef
https://www.scythe.io/library/ptef-workshop