A Purple Teamer’s Insights on Collaboration, Relationship Building, and Vetting Tools

Who is Maril Vernon?

Maril Vernon is a distinguished cybersecurity professional with a multifaceted career spanning application security architecture, purple team management, and advocacy for diversity in tech.

As a Senior Application Security Architect and Purple Team Program Manager, she has designed robust cybersecurity operations for organizations ranging from startups to FAANG-level enterprises.

Maril is the co-host and co-founder of the SANS award-winning Cyber Queens Podcast, which aims to amplify female and LGBTQ voices in cybersecurity.

Her commitment to diversity extends to her role as Head of Outreach at Teach Kids Tech, a non-profit bridging the digital divide for underprivileged communities.

Her expertise has earned her several accolades, including the 2023 Cybersecurity Woman Hacker of the Year and the CyberJustu Pentest Ninja Award.

She's also recognized as one of the Top 10 Women Influencing Cyber by CyberSHEcurity.

As a contributing writer for CSO Online magazine, Maril shares insights on cyber resilience and industry trends.

She's an active contributor to various organizations promoting diversity in cybersecurity, including Hacker in Heels, The Diana Initiative, and WiCyS.

Maril's career exemplifies the intersection of technical expertise, leadership, and advocacy, making her a respected voice in the cybersecurity community.

Insights and Key Takeaways

Creative Thinkers are Cybersecurity’s Secret Weapon

Insight: Cybersecurity might feel like a land for linear, logic-heavy thinkers, but Maril’s background in marketing brings a twist. Creative types like Maril approach security challenges from unexpected angles, bringing fresh insights into an industry often in need of them.

Creative problem-solvers can spot vulnerabilities and solutions that go way beyond traditional, cookie-cutter approaches.

In cybersecurity, where threats are complex and constantly emerging, teams that embrace these out-of-the-box thinkers are often more adaptable and innovative.

Diversity of thought isn’t just a hiring goal; it’s a business advantage.

It’s About Relationships, Not Features 🤝

Insight: Vendors are still rolling out the same feature-based sales approach, which doesn’t fly with engineers like Maril. If you’re hoping to impress cybersecurity pros, start with a relationship, not a 60-slide product deck.

Building relationships means positioning yourself as an ally, not a talking sales bot.

Maril emphasizes that engineers don’t trust vendors just rattling off features.

Instead, they’ll listen to someone who genuinely understands their pain points.

A relationship-first approach builds a bridge for vendors to become problem-solving partners rather than product pushers.

If you can solve their problems, you’re in; if you can’t, you’re out.

Cold Outreach is Dead

Insight: Unsolicited pitches don’t work. If you’re cold-pitching Maril on LinkedIn, she’s likely hitting delete. Engineers are skeptical and value honesty—cold DMs rarely deliver.

Cybersecurity pros see through impersonal outreach a mile away, which means cold pitches are bound to flop.

Instead, get strategic: reach out through a shared contact or engage meaningfully with their content before making a move.

The extra effort in relationship-building pays off in long-term trust.

If your only strategy is cold messaging, it’s time to add some new plays to your book. Authenticity sells, scripts don’t.

Want to Close the Deal? Educate, Don’t Sell 🏫

Insight: Maril prefers demos that teach rather than sell. Instead of the hard sell, vendors who use the demo to address real problems and answer technical questions get her attention and trust.

Tech buyers have limited patience for sales fluff.

Vendors who go in with a “how can I help?” rather than a “how can I close?” mindset often make a much bigger impact.

Sales and marketing teams that position their demos as educational sessions—and actually tailor them to the buyer’s needs—leave a lasting, positive impression.

In other words, get real or go home.

When your approach is to genuinely solve problems rather than sell bells and whistles, engineers are much more likely to see you as an ally they can trust.

Support Matters as Much as the Sale

Insight: Maril’s biggest turn-off? Vendors who disappear after they close the deal. Focusing only on acquisition, without solid post-sale support, will lose you buyers faster than you can say “churn.”

Once a product is sold, a vendor’s commitment doesn’t end—it evolves.

Engineers expect vendors to be on standby, ready to jump in with help.

Ghosting them after they buy not only risks the relationship but also sets you up for churn city.

By keeping a strong customer success team engaged, vendors show that they’re invested in their buyer’s success, ensuring renewals and glowing recommendations.

The Ultimate Goal - Testing for Real Resilience, Not Just Compliance

Insight: For Maril Vernon, offensive security isn’t just about testing defenses; it’s about knowing how well her team stands up to real-world threats. Her focus? Cyber resilience. Maril believes resilience can’t be fully understood until defenses have been stress-tested through offensive measures. Testing without that adversarial element only tells half the story.

Resilience means being prepared, not just for today’s threats but for evolving ones.

Maril’s focus on offensive testing highlights a critical perspective: compliance checklists and theoretical safeguards don’t guarantee security.

Organizations must prepare for unexpected threats by simulating real adversaries. When teams actively test their systems, they move from a "hope we’re secure" mentality to a "we know we’re secure" reality.

This proactive approach shifts the focus from reactive defense to strategic resilience, helping organizations strengthen their security posture against emerging threats.

Collaboration Over Competition - Breaking Down Internal Silos

Insight: Maril isn’t just interested in her team’s resilience; she’s passionate about building a collaborative culture. As a purple teamer, her objective is to dismantle silos and create an environment where teams work together toward a shared security goal

For too long, cybersecurity has operated in isolated functions, with blue teams (defensive) and red teams (offensive) often at odds.

This compartmentalization creates blind spots that adversaries can exploit. Maril’s push for a unified “purple” approach—where both sides collaborate—promotes a fuller understanding of the organization’s weaknesses and strengths.

It fosters a sense of unity among teams, breaking down barriers that often lead to mistrust and missed insights.

For sales and marketing teams, knowing that internal collaboration is prioritized can guide how they position tools—focusing on features that support interoperability and team collaboration rather than isolated functionality.

A Methodical Approach to Vetting Solutions

Insight: When Maril evaluates new tools, she doesn’t take anything at face value. She approaches vendor conversations with a predefined objective and a list of probing questions, giving vendors a chance to either confirm or challenge her initial research.

Sales teams take note: buyers like Maril won’t be sold on marketing buzz alone.

They require substance, transparency, and an understanding that the product will address their actual needs, not just look good in a demo.

This means vendors must come prepared with honest answers and technical expertise. Maril’s approach—vetting with clear goals and skepticism—highlights a larger industry trend where engineers value vendors who go beyond promises and provide real-world insights.

If a product can’t meet Maril’s rigorous technical standards, she won’t just reject it; she’ll pass that insight along to peers, meaning one bad impression can echo through her network.

Triggers to Evaluate Solutions - Popularity Doesn’t Mean Suitability

Insight: A tool’s popularity alone doesn’t sway Maril. When asked to evaluate a new Endpoint Detection and Response (EDR) solution that was getting a lot of buzz, she relied on technical evaluation over hype. Her key goal was to determine if the tool addressed specific security gaps her team had identified.

This insight is critical for sales and marketing teams: don’t assume that a popular tool will automatically appeal to every buyer.

Engineers like Maril need to see evidence that a product genuinely fills a need within their organization’s infrastructure.

Hype can be an initial hook, but if the product lacks substance or duplicates existing functions, the evaluation will be short-lived.

The takeaway? Be prepared to demonstrate what unique value your product brings, especially in ways that directly address the buyer’s unique pain points and gaps.

Data-Driven Decision-Making - The Questions That Matter

Insight: Maril’s vetting process is rooted in specific, data-driven questions, from understanding user access controls to assessing the security breach notification protocols. These are not mere checkboxes but critical insights that help her understand the tool’s true alignment with her team’s needs.

Cybersecurity engineers want clarity, not generalities.

Maril’s methodical questioning reflects a broader trend: decision-makers want specific, actionable information on data protection, compliance, and incident response.

Sales reps should prepare to answer detailed, technical questions if they want to gain traction with buyers who prioritize security and functionality.

To connect with tech-minded buyers, vendors should consider presenting case studies, technical documentation, and even live demonstrations that showcase these capabilities in action.

Informed buyers like Maril hold vendors to a high standard, and they expect clear answers on data handling, retention, and security protocols.

Leaning on Networks for Recommendations - Peer Validation Over Pitches

Insight: Before considering a demo, Maril looks to her network of red and purple teamers for recommendations. This peer-to-peer approach ensures that any product she considers has been vetted by trusted contacts first.

The fact that Maril treats vendor demos as a “last resort” signals an important shift in the cybersecurity buying process.

Rather than relying on traditional sales tactics, cybersecurity buyers increasingly value peer feedback over product pitches.

For sales and marketing teams, it’s critical to engage with customer success stories and foster word-of-mouth advocacy.

Building a network of loyal users who can recommend your product within their professional circles is one of the most effective ways to attract new, serious buyers.

It’s no longer about selling directly to buyers but rather enabling your satisfied customers to spread the word.

Recommended Tools for Purple Teamers

Based on Maril's insights, the following tools are highly valuable for purple teamers aiming to streamline processes and strengthen defenses:

• Adversarial Emulation Tools: These tools simulate real-world threat behaviors, helping teams test both attack and defense measures.

• Automated Reporting Tools: Documenting purple team exercises is essential. Automation helps create actionable reports and maintain communication clarity.

• Threat Intelligence Platforms: With threats constantly evolving, these platforms keep teams informed, integrating seamlessly into their defense tools.

• Security Information and Event Management (SIEM) Systems: SIEM systems are a must for real-time log and event data analysis, giving teams a comprehensive view of organizational security.

My Final Thoughts

Cybersecurity buyers deserve better.

Maril’s message is loud and clear: engineers and security pros need vendors who can see past the sale and commit to building genuine partnerships.

That means no more lifeless cold pitches, meaningless features, or post-sale radio silence.

If you’re selling to cybersecurity buyers, it’s time to throw away the stale sales scripts and build meaningful relationships instead.

Trust, honesty, and long-term support aren’t just bonuses—they’re baseline expectations

Until next time,
Dani