Accelerating defense strategies and practices by Purple Teaming
The Red Team vs Blue Team concept in cyber security has its roots in the military. Wargaming or wardriving exercises between attacking red teams and defending blue teams help assess attack readiness and defense strength.
In the cyber security world, attacking red teams are mainly external penetration testers and the defending blue team are normally internal security and technical teams.
Criminal hackers have, so far, had relatively low success rates when attacking the financial and banking world, given the extreme value of the industry’s targets. Red Team vs Blue Team operations have been widely adopted in these industries for many years.
Purple teaming is a new concept.
There are many lessons to learn from this, and across industries Red Team tools and techniques can accelerate Blue Team defense strategies and practices to provide a robust cyber defense.