Purple Team Security Assessment Of Firmware Vulnerabilities

Abstract

The purple team concept in offensive and defensive security is related to a set of methods, processes or activity that will combine red and blue team to cooperate in order to create a solid security operations team for improving due-care and due-diligence policies in a company or institution. The accelerated evolution of communication over networks as well as the consecutive rising sophistication of new security threats at the present time, have led to the development of a wide variety of security approaches. In this study we present the methodology followed for firmware analysis from red team perspective for an access point equipment, a detailed analysis report of the information we were able to collect, related to any type of threats. We conclude by proposing recommendations for mitigating attacks, from the blue team perspective.

https://www.conftool.com/rev-conference/sessions.php