richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Vault restructure

Browse source
This commit is contained in:
Richard Kranendonk 2026-04-23 11:51:51 +02:00
parent d45797d121
commit ff77508bd1
1433 changed files with 415450 additions and 1201 deletions
Download patch file Download diff file Expand all files Collapse all files

13
Corpus/📚️ Literature notes/Red, Blue, and Purple Teams.md Normal file
View file

@ -0,0 +1,13 @@
# Red, Blue, and Purple Teams
By Daniel Miessler
[Source](https://danielmiessler.com/study/red-blue-purple-teams/), retrieved December 23, 2021
- **Red Team** tests the effectiveness of a security program by emulating the tools and techniques of likely attackers.
- **Blue Team** is the internal security team that defends against attackers. Should be distinguished from standard security operations teams, as most do not have a mentality of constant vigilance against attack.
- **Purple team** integrates the defensive tactics and controls from the Blue Team with the threats and vulnerabilities found by the Red Team. Exists to ensure and maximize the effectiveness of both. Not a team as such, but rather a permanent dynamic between Red and Blue.
![](BAD-pyramid-miessler.png)
Related:
[ISO 27001 A.14.2.8 System security testing](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A.14.2.8%20System%20security%20testing.md)
[ISO 27001 A.14.2.9 System acceptance testing](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A.14.2.9%20System%20acceptance%20testing.md)