performing-purple-team-exercise

Performing Purple Team Exercise

When to Use

Use this skill when:

  • SOC teams need to validate that detection rules actually fire for the threats they target
  • Red team assessments produced findings that need translation into detection improvements
  • New detection tools or SIEM migrations require validation of detection coverage
  • Analyst training requires hands-on experience with real attack techniques and SIEM responses
  • Quarterly or semi-annual detection validation cycles are scheduled

Do not use for unannounced red team engagements — purple team exercises require explicit coordination between offensive and defensive teams with real-time collaboration.

Prerequisites

Installs: 39
GitHub Stars: 24.2K
First Seen: Mar 16, 2026
performing-purple-team-exercise — mukul975/anthropic-cybersecurity-skills