1. Infrastructure overview:

  • PurpleLABS is a dedicated virtual infrastructure for detecting and analyzing attacker behavior: the tactics, techniques, procedures and offensive tools in use. The environment's main goal is to support the continuous improvement of threat hunting skills and learning about current trends in offensive actions (red teaming) versus direct detection (blue teaming).
  • Ready-to-use VPN access for running your own ongoing security / hunting research or for working through advanced lab scenarios.

2. Labs overview:

  • 240+ dedicated walkthrough lab scenarios combined with mapping to MITRE ATT&CK Framework, Sigma rules, offensive/defensive tools, tactics, and procedures.
  • Focus on Linux Rootkits, C2 frameworks, and general post-exploitation, lateral movement, evasion, and data exfiltration phases.
  • Tracking and progress monitoring.

3. Skill level:

  • Intermediate/Advanced

4. Subscription packages:

  • PurpleLabs Cyber Range Access for 30/90 days
  • Linux Attack, Detection and Live Forensics course
  • EDRmetry Playbook
  • Continuous Training Delivery for 1 / 3 / 6 / 12 working days for use under subscription

5. Continuous Training Delivery:

  • We offer 1/3/6/12 working days dedicated to live video-consulting / workshop sessions as an additional option.
  • We are open to supporting your security team by running 2-4h live training sessions per week, so that we supply you with new knowledge on a regular basis.

6. Security Analytics Components:

  • Elastic Security, Sandfly Security, Splunk, Wazuh, OSquery FleetDM, Graylog, Velociraptor, and more.

7. Data sources:

  • Zeek NIDS, Suricata NIDS, Moloch/Arkime PCAP, Sysmon4Linux, Falco, Tracee, Kunai, Tetragon, Jibril, Syslog, Auditd and more.

8. How is access to PurpleLabs provided?

  • We use the simplest solution, based on WireGuard VPN. All you have to do is install the VPN client and import one configuration file.

9. Could I choose the start date for the PurpleLabs VPN?

  • Yes. Just let us know what time/date works for you.

10. Target Audience:

  • B2B
  • Individual

11. Who should take this course?

  • Red and Blue team members
  • Security / Data Analytics
  • CIRT / Incident Response Specialists
  • Network Security Engineers
  • SOC members and SIEM Engineers
  • AI / Machine Learning Developers
  • Chief Security Officers and IT Security Directors

12. Prerequisites:

  • An intermediate level of command-line syntax experience using Linux
  • Fundamental knowledge of TCP/IP network protocols
  • Penetration testing experience performing enumeration, exploitation, and lateral movement is beneficial, but not required
  • Basic programming skills are a plus, but not essential

13. Hardware / Software requirements:

  • VPN client installed according to VPN Setup instructions
  • Discord account, as an invite to the Defensive Security channel will be provided
  • Stable internet connection

14. Customization and feature request:

  • Available on request as a part of the Enterprise subscription only
  • Paid extra

15. Will I get a certificate of completion?

  • Yes.

Let's have a chat!

Contact Us to find out more details about the platform and Defensive Security.
