Kali Linux goes on the defence, turns purple
Sometimes there's a need to get defensive
InfosecThe good folk over at Offensive Security had a surprise for us over the weekend. As part of the latest 2023.1 release of Kali Linux, they’ve added additional tools aimed at the purple\blue teams - defensive tools!
Kali has always been focused on offensive cyber tools, which allow security experts to hone their skills without having to root through package dependencies and building lots of crap from source. It really does help bring cybersecurity to the masses, and with this latest release - a whole new group of cyber professionals can enjoy the benefits of Kali Linux too.
However it’s still quite new, so don’t expect a completely different distro just yet. In fact, the default installation is missing quite a lot of the tools mentioned in the initial blog post.
The tools are laid out quite nicely against the NIST Cybersecurity Framework, allowing easy understanding of their purpose without necessarily knowing the tool itself. However when we took a look around, we noticed a lot of the new tools mentioned, such as Suricata, Arkime and Elastic were missing.
These will come in due course (see issues listed here), it’s still early days for Kali Purple, and we’re expecting over time that this release will drift away from it’s parent OS (there’s already talk of a dedicated installer). But so far it looks like we’ll get another fantastic tool for the cybersecurity world.