richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Cleaned up Literature folder

Browse source
This commit is contained in:
Richard Kranendonk 2026-05-18 12:48:01 +02:00
parent 73a6380034
commit fe5eda4e05
586 changed files with 53911 additions and 2475 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Corpus/Information Security/Red, Blue, and Purple Teams.md Normal file
View file

@ -0,0 +1,14 @@
# Red, Blue, and Purple Teams
By Daniel Miessler
[Source](https://danielmiessler.com/study/red-blue-purple-teams/), retrieved December 23, 2021
- **Red Team** tests the effectiveness of a security program by emulating the tools and techniques of likely attackers.
- **Blue Team** is the internal security team that defends against attackers. Should be distinguished from standard security operations teams, as most do not have a mentality of constant vigilance against attack.
- **Purple team** integrates the defensive tactics and controls from the Blue Team with the threats and vulnerabilities found by the Red Team. Exists to ensure and maximize the effectiveness of both. Not a team as such, but rather a permanent dynamic between Red and Blue.
![](Red%20Blue%20Purple-pyramid-miessler.png)
Related:
[ISO 27001 A.14.2.8 System security testing](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.14.2.8%20System%20security%20testing.md)
[ISO 27001 A.14.2.9 System acceptance testing](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.14.2.9%20System%20acceptance%20testing.md)