Some organisations use purple teams who carry out the work of both red and blue teams, hunting, detecting and fixing vulnerabilities in organisational security systems by carrying out attack versus defence scenarios. Purple teams can be contracted or may be in-house.

The existence of purple teams is often simply a response to the sheer pervasiveness and volume of cyber-threats today. Many organisations require a wide variety of attack and defence scenarios and methodologies as they seek to gain any possible advantage against security threats. Not everyone uses purple teams and some argue that they are not necessary if red and blue teams communicate as they should.