John Sawyer Chats about Value of Red and Purple Team Engagements

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Google Podcasts | Stitcher | RSS

TechSpective Podcast Episode 070

How do you know where the weak spots are in your cybersecurity defenses? One of the best ways is to engage a third-party–an external set of eyes and skills–to conduct a penetration test and try to find them. John Sawyer, Director of Services, Red Team at IOActive, joins me on this episode of the TechSpective Podcast to talk about what red, blue, and purple team engagements are and why they’re invaluable for companies to help improve cybersecurity.

Just as it is sometimes challenging to edit your own writing because your brain reads what you meant to write rather than what is actually on the page, it is also difficult to analyze your own security posture. You tend to see the problems you saw in the first place, and believe the solutions you have in place are sufficient. But, you don’t know what you don’t know, and you are often not the best judge of figuring it out. That is where engaging a red or purple team exercise with someone like John makes sense.

One of the specific issues we address in the podcast is the epidemic of alert fatigue. IT and IT security teams are inundated with an overwhelming volume of alerts. It is stressful and leads to apathy and/or critical alerts falling through the cracks. A purple team exercise can help identify useless alerts and separate important or critical alerts–providing valuable insight that can be used to fine tune systems to focus on the alerts that matter.

Check out the full episode for more from John about penetration testing and red and purple team engagements. We also talk about some of the ways the COVID-19 pandemic has affected purple team engagements in the past year, and the lasting impact the “new normal” may have on how red and purple team exercises are conducted.

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform, and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes, or wherever you listen.

• About
• Latest Posts

Tony Bradley

Editor-in-Chief at TechSpective

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

Latest posts by Tony Bradley (see all)

• Driving Security Culture and Best Practices - September 25, 2023
• Real World Impact of Medical Device Security - September 18, 2023
• Unlocking the Collective Ingenuity of Hackers to Outpace Threat Actors - August 24, 2023