[WEB SECURITY] My experience coleading purple team (take two)

Robert A. robert at webappsec.org
Tue May 29 15:45:20 EDT 2018

"I've been fortunate enough to manage a red team program for several years 
and since it's inception it has gone through many changes. What started 
out as adhoc engagements trying to see how far we could get/what problems 
we could find, turned into a mechanism to work more closely, and regularly 
with operations/it teams. More importantly, it's an approach to get 
operations teams to want to work with your security org more closely. This 
post will not discuss technical approaches to red teaming, it will discuss 
various strategies for making your program more impactful to the business. 
Below are my thoughts based on working with very talented red teamers, and 
operations teams. "


Robert A.

More information about the websecurity mailing list