RED TEAM (OFFENSIVE) 

VS

BLUE TEAM (DEFENSIVE)

The concept has made its way into the corporate world, too: war-gaming the security infrastructure. Red team-blue team exercises take their name from their military antecedents. The idea is simple: 
One group of security pros — a red team — attacks something, and an opposing group — the blue team — defends it

BLUE TEAM (DEFENSIVE)

A blue team consists of security professionals who have an inside out view of the organization. Their task is to protect the organization’s critical assets against any kind of threat.

 

They are well aware of the business objectives and the organization’s security strategy. Therefore, their task is to strengthen the castle walls so no intruder can compromise the defenses.

RED TEAM (OFFENSIVE)

A red team consists of security professionals who act as adversaries to overcome cyber security controls. Red teams often consist of independent ethical hackers who evaluate system security in an objective manner.

They utilize all the available techniques (discussed below) to find weaknesses in people, processes, and technology to gain unauthorized access to assets. As a result of these simulated attacks, red teams make recommendations and plans on how to strengthen an organization’s security posture.