Compass Security's Purple Teaming is a collaborative cybersecurity assessment service where red team (offensive) specialists and the client's blue team (defenders) work together to identify detection gaps, validate defensive controls, and improve incident response capabilities. The service uses a structured approach based on the MITRE ATT&CK framework to classify and organize attack techniques, enabling systematic assessment of an organization's detection posture. Engagements can range from targeted tests of specific detection rules to full-scale attack simulations. Key assessment areas include: - Detection rule validation: Verifying that existing rules work as intended, are adapted to the specific infrastructure, and cannot easily be bypassed. - Incident response testing: Executing realistic mock attack scenarios alongside the client's IT team to evaluate end-to-end response workflows, alert handling, escalation processes, and information flow. - Continuous security improvement: Regular reassessment of critical security controls to keep pace with evolving threats and infrastructure changes. For engagements, Compass Security deploys a customized version of PurpleOps, a web-based collaboration platform that facilitates information exchange between the client's blue team and Compass specialists. Activities are classified using MITRE ATT&CK, and all gathered data is exportable after the assessment. The customized PurpleOps version is available on GitHub for continued internal use by the client. The service draws on Compass Security's experience in penetration testing, red teaming, and incident response.