Tag Archive red team

ByJayanthi

Red Team – Blue Team

Reading Time: 2 minutes

“Red team – Blue team” is a popular parlance in the Information security domain. It actually imitates military tactics, ” red teams” and “blue teams” who work in offensive and defensive positions. Protecting the infrastructure of an organization and ensuring the complete security of an organization is the ultimate goal of every security program.

Every organization wants their

a. precious data to be safe

b. data not to fall into wrong hands

c. not to have any of their client’s passwords stolen

d. not to have any of their private conversations being snooped on and more…

How do we achieve this in the Information security domain? By forming two teams – the ‘Red Team’ and the ‘Blue Team’.

Red Team:

The ‘Red Team’ is:

  • The offensive team or the attacking team
  • It consists of team members who perform duties similar to pen-testers who will attack and test an organization’s defenses
  • It may consist of team members from outside the organization 
  • The Red team will have skills pertaining to performing the attacks like phishing, social engineering, masquerading like employees and more
  • The ‘Red Team’ will attack an organization’s defenses and find loop holes in the system that might be potentially attacked by hackers

Blue Team:

The Blue Team is:

  • The defensive team
  • Will erect all defenses by ensuring that necessary software (such as firewalls, anti-virus definitions) have been installed and all patches are downloaded as and when they are released
  • They will also ensure that all loopholes in the security program are sealed
  • The ‘Blue team’ will have to keep up with all the new security threats and bugs in the Information security landscape and mitigate them accordingly
  • The ‘Blue team’ will have to re-group and re-strategize once the threat of attacks looms

Who is more important? (Red Team or Blue Team?)

Both the teams are equally important as both of them work for the betterment of an organization. While one team erects defenses and makes sure everything is secure, the other team attacks it and shows the vulnerability of defenses. The best way to work  of course, is for the “Red team” to think like the “Blue team” and attack the defenses and for the “Blue team” to think like the “Red team” and create good defenses!

This way, the organization can try to be as secure as possible!

There is also a ‘purple’ team but that will be for another post… 🙂

This post is for alphabet ‘R’ for the #Blogchatter challenge. The previous post can be found here.