Add the term red team to the collection of security phraseology. Infosec pros and other IT executives already know about White Hat hackers and their Black Hat brethren but red team?

It’s the phrase Virtue Security CEO and founder Eliott Frantz used to describe a new infosec tool the company is debuting at HIMSS18. And it’s called Purple Leaf.

Frantz acknowledged that not many red team platforms are in existence today. The phrase, however, is gaining some traction. The company Red Team Consulting, for instance, defines it as a “full-scope multi-layered attack simulation designed to measure how well a company’s people and networks, applications and physical security controls can withstand an attack from a real-life adversary.”

Frantz said that a traditional red team generally refers to a large block of pentesting hours spread over an extended timeframe such that it  can simulate a real attacker with no time constraints. 

“Purple Leaf combines continuous network scanning with our manual network testing service, and allows us to test new hosts and services as they come online,” Frantz said. “Since all the data is portable, we also are building out layers of analytics to better identify systemic risk.”

Frantz explained that automating the discovery process with Purple Leaf enables Virtue Security testers to be more efficient and continuously test for clients by feeding the pentest team a queue of new targets as they come online. 

“The biggest advantage is keeping all our test data portable,” Frantz said. “We can use it to run analytics as well as help determine if a client is affected by a newly released vulnerability.” 

Virtue Security is in Booth 11620. 

Twitter: SullyHIT
Email the writer: tom.sullivan@himssmedia.com