Red, Blue & Purple Team: Attacker, Defender & Facilitator

By Ayesha Yousuf
  • Compromising the target’s security using different hacking tools.
  • They initiate holistic activities, which include ethical penetration testing, giving the team a thorough assessment of the tactics the blue team has used for protection.
  • Exploiting the bugs and weaknesses of the company, which shows how drastic the gap is between the company’s security and the requirement to fix them.
  • Remain undetected by the blue team and penetrate the application in a fleeting time, which makes it extremely hard for the blue team to detect the attack and work on countermeasures.
  • They apply social engineering and phishing techniques to manipulate the employees into revealing the secrets and confidential information of the company.
  • The blue team detects and neutralises the more sophisticated attacks and closely monitors current and emerging threats to preemptively defend the organisation.
  • They understand every suspicious activity and readily take measures to counter the attack.
  • They use automated tools to detect the malware or phishing emails that could potentially lead to a great loss.
  • Their activities also include gathering threat intelligence information to use against any new risk or suspicious activity.
  • They perform analysis to carefully cater to the need for implementing security measures that are cardinal and that also help make the system nearly impossible to breach.
  1. The red team, being the attacker, thinks of itself as too elite to share information with the blue team, creating a gap between them.
  2. An external red team working vigorously towards its objectives, when pulled inside the organisation, is often criticised, neutralised and demoralised, ultimately lowering its effectiveness at the task assigned.
  3. The red and blue teams are not initially designed to work hand in hand, so when they work together and learn lessons along the way, at some point they go back to their designated seats and the communication breaks down.

BlockApex

We exist to build trust in the web3 ecosystem by cultivating veterans that are experts in security, testing and audits. Visit the website: https://blockapex.io