Practical Purple Teaming: The Art of Collaborative Defense
Champion, Alfie
- Publisher: No Starch Press
- Publication date: 2025-10-14
- Price: $2,160
- VIP price: 5% off, $2,052
- Language: English
- Pages: 352
- Binding: Quality Paper - also called trade paper
- ISBN: 1718504284
- ISBN-13: 9781718504288
- Related categories: Penetration-test

Overseas special-order book (must be checked out separately)
Product description
Real-world threats demand real-world teamwork. If you're tired of red team reports gathering dust--or defensive teams being left in the dark--this book is for you. Practical Purple Teaming gives you a hands-on blueprint for running collaborative security exercises that improve detection, build trust, and expose real gaps before attackers do. You'll learn how to emulate adversaries using tools like Atomic Red Team, MITRE Caldera, and Mythic, and you'll guide defenders toward actionable insights using real logs, alerts, and frameworks like MITRE ATT&CK, the Cyber Kill Chain, and the Pyramid of Pain. If you're running your first purple team exercise or trying to scale a repeatable program, this book will show you how to move from ad hoc simulations to a sustainable, integrated strategy. You'll learn how to:
- Design purple team exercises that produce measurable improvements
- Emulate attacks using threat intel and adversary simulation tools
- Collect telemetry and analyze coverage using open source platforms
- Automate labs with Splunk's Attack Range and other free resources
- Build a sustainable, cross-functional purple teaming function within your organization
Whether you're red, blue, or somewhere in between, this book will help you test smarter, detect faster, and collaborate better. If you've ever finished a red team engagement and wondered what actually changed, this is your playbook.
About the author
Alfie Champion is a seasoned cybersecurity specialist who has fostered and developed purple team functions over the last decade, both with internal teams and while consulting with MWR InfoSecurity. Champion has delivered talks and workshops at some of the industry's most prestigious conferences, including BlackHat USA, DEF CON, and RSA.