We believe in Purple Teams as the best way to assess and improve technical cybersecurity defenses. What are Purple Teams? We define them as an open-book-exam process that prioritizes and shows quantifiable improvements in defenses over time.
Purple Teams through VECTR™ generates success defense metrics and help align Red and Blue Teams towards the same mission: protecting the organization by discovering and plugging detection gaps. If you are scratching your head on how to adopt and align to the MITRE ATT&CK Framework, this is for you.
VECTR™ is the only free platform of its kind. It has STIX/TAXII functionality to support content updates and community sharing. VECTR™ is not available for purchase, it is available only as freeware.
We developed VECTR™ to help streamline purple team assessments. We call it VECTR™. It provides a centralized dashboard for tracking all things Purple. A quick feature list:
- Document TTPs used in Purple and Red teams so test cases can be repeated until detection rules are made successful
- Light up a MITRE ATT&CK heatmap to show your teams’ mutual success and needs
- Show how far you’ve come with historical trending of your metrics
- Evaluate and report the effectiveness of your tools investments
- Prioritize tuning and remediation activities
- Report defensive capability at each phase in the kill chain
- Import test cases using STIX 2.0 and TAXII