It has since been adapted as a cybersecurity measure that works in conjunction
with
pen testing and ethical hacking.
Known as a red team-blue-team simulation, this exercise tests security protocols
and
the response of those in charge of IT security.
It has since been adapted as a cybersecurity measure that works in conjunction
with
pen testing and ethical hacking.
Known as a red team-blue-team simulation, this exercise tests security protocols
and
the response of those in charge of IT security.
During the exercise, there is usually a red team made up of external IT teams,
but it can also include internal employees. Red team members pose as malicious
hackers and try to breach an organization’s security structure.
A blue team of internal security employees reacts to a red team attack and works
to defend your systems. When red and blue teams combine their efforts, they are
defined as a purple team.
This collaboration is based on a symbiotic relationship where red team activities
are used to train blue teams. The advantage of ‘purple teaming’ is that with
proper communication, documentation and education, red teams can make sure blue
teams remediate vulnerabilities and avoid repeating the same mistakes.
Red team pen testing is a carefully planned activity, although blue teams are not
informed before the assessment. The lack of notice is an essential part of the
red teaming process that distinguishes it from penetration testing.