Blue team (computer security)

- 20.48

Cybersecurity | XPRIZE
photo src: www.xprize.org

A blue team is a group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and to make certain all security measures will continue to be effective after implementation.


Meet the New America Cybersecurity Team
photo src: www.newamerica.org


Maps, Directions, and Place Reviews



History

As part of the United States computer security defense initiative, red teams were developed to exploit other malicious entities that would do them harm. As a result, blue teams were developed to design defensive measures against such red team activities.


Cyber Security Team Video



Incident Response

If an incident does occur within the organization, the blue team will perform the follow six steps to handle the situation:

  1. Preparation
  2. Identification
  3. Containment
  4. Eradication
  5. Recovery
  6. Lessons learned

Operating system hardening

In preparation for a computer security incident, the blue team will perform hardening (computing) techniques on all operating systems throughout the organization.

Perimeter defense

The blue team must always be mindful of the network perimeter, including traffic flow, packet filtering, proxy firewalls, and intrusion detection systems.

Source of the article : Wikipedia



EmoticonEmoticon

 

Start typing and press Enter to search