Purple AI 2.0

Started in August 2023

The business objective of Purple AI 2 (PAI2) is to positively impact the business continuity of both Red and Blue Teaming activities within PCSI organisations through the use of innovative applications of AI technology. The two perspectives together form the Purple AI tool offering.  

https://pcsi.nl/uploads/projects/Purple-AI2.png

Once this goal is achieved, red teams will have a tool that will allow them to benefit from (1) more operational capacity, (2) higher operational speed, and (3) a better baseline in terms of quality, reach, and depth of operational results (all while employing the same number of experts). Using the same tool, blue teams will be able to improve the overall baseline of the organisation's defences against attackers who may (or may not) be using AI tools.  

Innovative aspects  

  • We are exploring a portion of what could be "AI-powered" in an attacker's kill chain; we have selected two steps of the MITRE ATT&CK kill chain that are paramount to the day-to-day activities of red teamers as use cases for the PoC: "initial access" and "reconnaissance". 
  • We are sharing these insights and tools with blue teams to help them and PCSI partner organisations better defend against AI-powered adversaries.  

The solution  

The solution we envisioned is the creation of a (semi-)autonomous LLM-powered tool for red-teamers that also allows blue teamers to gain valuable insight into the possible attack scenarios where threat actors use AI-powered techniques.  

Intended outcome  

In the pilot phase the business impact of the PCSI Purple AI 2 tool is quantified from different angles.

The angles include red-teamers' operational efficiency and operational speed, as well as blue-teamers' learnings from observing the red-teamers using the tool.

The project team is conducting three pilot activities in parallel to measure the added value of the Purple AI 2 tool, these activities include:

  • Operational tests in a non-production environment (laboratory or otherwise) where we run tests consisting in red-teaming tasks during which red-teamers are either using the PoC software or not.
  •  A scientific validation of the Purple AI 2 tool's performance.
  • An interactive workshop for the core partners aimed at drawing feedback from both red- and blue-teamers. The collected improvement ideas and the newly gained insights will be then used to modify the tool.
Beeldmerk PCSI
PCSI is a collaboration of
    ABN-AMRO Achmea ASML Belastingdienst ING TNO