Sponsored by: Security Risk Advisors

Purple Teaming | Building a Detection Confidence Metric

Breakout Session September 21, 2022 10:00 am - 10:45 am

Antonio Crespo
Ulices Salazar

In this session, we’ll examine a case study from the Campbell Soup Company that shows how they improved detection confidence by building a custom metric that is quantifiable against the MITRE ATT&CK Framework. The structured process was based on real-world observations, threat intelligence, and key audit findings. To validate detection implementations, Campbell’s used a test-and-validate approach with purple teams, along with SRA’s free VECTR platform, to measure detection confidence through cycles of iterative testing, detection rule tracking, and prioritized TTPs. Additionally, the presenters will demonstrate how data analytics, PowerBI, and VECTR helped achieve results.

RH-ISAC Summit