A Day In The Life Of A Purple Teamer
Considering the ruthless tactics attackers will use to gain access to an organization’s assets, security professionals are now seeking to have both red and blue teaming skills. We asked Dimitrios Bougioukas, our training director, a few questions about the challenges and opportunities that come with being a purple teamer.
What are your main responsibilities as a Training Director & Purple Teamer?
My main responsibilities include directing eLearnSecurity’s course development activities, leading the IT security research endeavors of the company and constantly monitoring the threat landscape as well as the latest technology advancements in order to create new courses that cover new and emerging IT security segments.
What part of this job do you personally find most satisfying? Most challenging?
As a Training Director, my upper goal is to create the next generation of complete and up-to-date IT security professionals. We take our students’/clients’ education seriously and we strive towards providing the most practical and up-to-date IT security courses in the market. As you can imagine, when I see students passing our challenging exams and applying the knowledge they obtained to effectively secure their organization, it is the most fulfilling and satisfying feeling in the world. On the other hand, the most challenging part of my job is conducting IT security research, discovering new attack vectors, security bypasses etc. To do so, understanding the underpinnings and full capabilities of each technology is required and this is just the beginning. Countless attempts of trying to subvert each technology’s normal flow by supplying all kinds of imaginative input is also required and this is equally demanding.
What are the most important skills for Purple Teamers?
To become a purple teamer, you will have to be equally skilled at (web app, infrastructure, mobile, cloud) penetration testing and at incident response/threat hunting. Reverse engineering and/or information security management skills are also nice to have. Especially the information security management skills are of great importance, since on enterprise environments technical skills and skilled personnel is nothing without properly implemented IT security processes, planning, and management.
What jobs can you get with purple teaming skills?
To be honest, when you have mastered both Red and Blue team skills, the job possibilities are endless. And I don’t just mean that you can fill a penetration testing or an incident response/threat hunting position with ease. I mean that you will be in the position to even fill an IT security management position with minimum effort (of course some information security management and/or risk management skills will be required to do so).
What advice would you give to someone aspiring to become a successful purple teamer?
I am sure that you have figured by now, that becoming a Purple Teamer is a demanding endeavor. I would recommend being methodical, patient and passionate while developing your skillset. The danger of “educational fatigue” is high during this journey, so, take it easy and enjoy every destination.
Find out how to develop proficiency in both advanced penetration testing and threat intelligence with our Purple Team Member training path:
Connect with us on Social Media
LinkedIn | Facebook | Twitter | Instagram