Integrating Red and Blue InfoSec teams

InfoSec typically divides some of their people into Red (attack) and Blue (defend) teams. While I agree with the general idea, I’ve often thought it wasn’t sufficiently granular and left a lot out of the InfoSec equation. Up comes this article (https://danielmiessler.com/study/red-blue-purple-teams/) which really digs into what’s missing and how to tie things together. A Purple “team” integrates and facilitates communication between the Red and Blue teams. Further, it adds a Yellow team (builder) and then the combination of the various colors in the Build Attack Defend pyramid, leading to Orange and Green teams, in addition to the Purple team.

While it may overly complicate the picture, the idea is sound, I think – encourage, facilitate, and integrate communications between the various teams/groups. Share knowledge and use that sharing to build a stronger security posture.
