The concepts of Red Team and Blue Team are actually used in military training, and later on, cyber security has adopted these concepts. Red Team tries to take over the system by using the techniques and tactics of the adversaries. Blue Team, on the other hand, provides defense by taking the necessary actions against these attacks.
Let’s examine the concepts of Red Team and Blue Team.
What is a Red Team?
Red Team is the team that tries to take over the systems by using the vulnerabilities of technologies and people and ensures that all these detected vulnerabilities are eliminated through reporting them for remediation.
When we take a look at the history of cyber security, we can see that it started with the Red Team. Because of its long history, many people are more or less familiar with the Red Team. Even someone with no proper security perspective knows that products must pass penetration tests before it is released.
Red Team Job Titles
Some of the cyber security roles available under Red Team are as follows:
- Penetration Tester
- Exploit Developer
- Bug Bounty Hunter
What is a Blue Team?
Blue Team; It is the team that defends against the attacks, eliminates the security risks and responds when cyber security incidents occur.
Although the Blue Team is a newer area compared to the Red Team, it shows a very rapid development. This rapid growth is one of the reasons for the SOC presence in federal agencies especially due to some laws and regulations.
Nowadays, which is when new vulnerabilities are detected every day, sufficient visibility cannot be provided even if continuous penetration tests are carried out. Realizing this situation, managers have focused more on detecting and preventing these attacks.
You can try LetsDefend, a practical training platform, to guide your career with Blue Team training.
Blue Team Job Titles
Some of the cyber security roles available in the Blue Team area are as follows: