Teaming Category in Information Security

As we know, there is a Red Team and Blue Team in the information security environment. However, a lot of people not aware of the Purple Team.

Let go through each of the team color.

Red Teams

The Red Teams is an team that doing security testing on the client system to encounter any behaviors and techniques of most likely been used by the attackers.  This practice is quite same as penetration testing method where it will normally included the pursuit of one or more techniques and objectives of the testing.

Blue Teams

This team will be monitoring the traffic and activity of the real attackers and Red Teams every day including public holiday. This team also have other name which is Security Operation Centre (SOC). This team shouldn’t have any mentality that related to any constant vigilance against attack from the attacker.

Purple Teams

Combined Red Team and Blue Team will created Purple Teams where they will ensure the effectiveness of the work that been handled by the Red and Blue Team. For the Blue teams, they will maximize the defensive tactics and ensure the efforts that been made by the Red Team with the findings of the threats and vulnerabilities on the system.

Source: The Red, Blue and Purple Team and What’s Between Them

Author: Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *