Security Teams Flashcards
What is the point of security teams?
Individuals in cybersecurity develop specialties (niches) within the field. Some individuals are experts at attacking/penetrating (ethically). Others are experts at social engineering, others at defense setup etc. These individuals are put into teams in order to work together.
Red Team
Offensive team, ethical hacking, exploit vulnerabilities to gain access, social engineering. Web application scanning.
Blue Team
Defense security, protecting data, operational security daily tasks, incident response (damage control). Hunts for threats to find and fix holes. Digital forensics, find traces of attacks.
Purple Team
Red/Blue combination team. Sharing information on attack vulnerabilities and defense. Instead of fighting each other, they work together. Sometimes Red vs. Blue stifles organizational security so instead make the cooperate together.
White Team
Neither side, manages interactions between Blue and Red. Enforces the rules, resolves issues, determines the score. Manages post-event assessment, lessons learned, results. Basically overseers/managers.