In this 3-hour hands-on workshop you will be introduced to Purple Team Exercises and play the role of Cyber Threat Intelligence, the red team, and the blue team.

We have set up an isolated environment for each attendee to go through a Purple Team Exercise following the Purple Team Exercise Framework. Each student will have an isolated lab environment which they can utilize to test out new tools, techniques, and procedures learned during the workshop.


unicorn outline


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

By the end of this workshop, attendees will:

🦄Learn the basics of Purple Teaming through the study of PTEF.

🦄Setup and utilize Command and Control (C2) frameworks.

🦄Consume Cyber Threat Intelligence from a known adversary.

🦄Extract adversary behaviors/TTPs and map them to the MITRE ATT&CK framework.

🦄Play the Red Team by creating and executing adversary emulation plans.

🦄Emulate the adversary behaviors in a small environment consisting of a domain controller, member server, and a Linux system.

🦄Play the role of the Blue Team and look for Indicators of Compromise and threat Behaviors.

🦄Deploy and utilize Sysmon and popular SIEM frameworks to detect and hunt for Emulation behaviors.

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.


What do you need?
All you need is a web browser on a workstation/laptop (no iPads, sorry).

If you want to come better prepared, download, read, and watch the free Purple Team Exercise Framework (PTEF) and webcast:



Please register using a valid email address so we can provision your VMware lab environment before the workshop

Questions? Email marketing@scythe.io  



Secure your spot today!