# Red, Blue, and Purple Teams
By Daniel Miessler

[Source](https://danielmiessler.com/study/red-blue-purple-teams/), retrieved December 23, 2021

- **Red Team** tests the effectiveness of a security program by emulating the tools and techniques of likely attackers.
- **Blue Team** is the internal security team that defends against attackers. Should be distinguished from standard security operations teams, as most do not have a mentality of constant vigilance against attack.
- **Purple Team** integrates the defensive tactics and controls from the Blue Team with the threats and vulnerabilities found by the Red Team. Exists to ensure and maximize the effectiveness of both. Not a team as such, but rather a permanent dynamic between Red and Blue.

Related:

- [ISO 27001 A.14.2.8 System security testing](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.14.2.8%20System%20security%20testing.md)
- [ISO 27001 A.14.2.9 System acceptance testing](../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A.14.2.9%20System%20acceptance%20testing.md)