Quick Start

There are two options with getting your System(s) under Test:

  • PurpleTeam cloud. All back-end services are set-up and ready to go
  • PurpleTeam local. You set-up everything yourself

Both cloud and local use the same code base.

PurpleTeam cloud (BinaryMist PurpleTeam)

The quickest way to get up and running with having your Web application and/or API under test is to take the PurpleTeam cloud path. At a high level, these steps look like the following:

  1. Obtain a PurpleTeam-Labs cloud account. We set-up and manage everything in the cloud for you. If you decide to take the local path instead, this will be your responsibility
  2. Get the PurpleTeam CLI (purpleteam) on your system and configure it
  3. Create a Job. There are some examples here
  4. Start testing

PurpleTeam CLI can be run manually, driven from your CI, or other builds, to continuously inform you of security regressions in the Web applications that you are developing. This way you can easily find and fix your defects as they are being introduced.

Follow all directions under cloud.

PurpleTeam local (OWASP PurpleTeam)

If you choose to go the PurpleTeam local path, a non-trivial set-up is required to get up and running.

Follow all directions under local.