
São Paulo/SP – December 23, 2022. Red Team and Blue Team. An attack team and a defense team, trained and focused on guaranteeing that personal and corporate data are not affected by criminals, called the Red Team and the Blue Team.

By Pablo Marques

As technology takes up more and more space in our daily lives, we are faced with countless possibilities and forms of data exchange, such as online shopping, registration on news sites, social networks, study sites, the financial market, games, health, well-being, etc., which require data such as name, address and payment methods.

While the well-intentioned use these exchanges of information to improve the user experience, malicious agents turn this everyday procedure into an opportunity to steal and use this data illegally, damaging the victim's image and taking possession of money, personal and sensitive information, digital assets, etc.

Noting the need for designated and qualified teams to ensure that the digital environment is safe for interaction with their customers, companies adopted a strategy that came from war games in the military segment: an attack team and a defense team, trained and focused on guaranteeing that personal and corporate data are not affected by criminals, called the Red Team and the Blue Team.

Red Team

The Red Team takes care of offensive tests to validate the environment. Unlike criminals, who attack and use failures to compromise and damage the environment, this team of professionals works within a scope pre-defined in the contract so that no essential service in production is affected during testing, keeping the company fully operational.

The team conducts a survey of all vulnerable points that could damage the environment or compromise any of the pillars of security: confidentiality, integrity and availability. After the tests are carried out in the environment, a report is prepared with the vulnerabilities, measures and recommendations for correction. It is presented to the requesting company with evidence of everything that was done and how it was performed, so that the company has the greatest possible understanding of the vulnerabilities in its environment. After the company implements the corrections, the team carries out a new test to validate whether all reported points have been corrected, whether anything remains open that could be used as an attack vector to compromise the environment, and how critical it is for the client.

Blue Team

The Blue Team aims to protect the environment. It is responsible for correcting security flaws and ensuring that the best possible methods are applied to mitigate the vulnerabilities the environment may be exposed to.

This team of highly trained professionals has knowledge of log analysis, security audits, risk analysis, and many other fields relevant to validating the security of the environment and its processes. In case of any violation of the environment, the team will be ready to carry out the analysis and to locate and eliminate the breach used for that exploitation.

The teams together

Working towards the best possible scenario for the environment, the teams perform functions of great importance and cooperate closely.

The Red Team will verify the points that can be used to compromise the environment, simulating controlled attacks so as not to damage the company's data, collecting evidence and documenting all stages of the tests carried out throughout the process.

The Blue Team will make corrections to the points highlighted by the analysis of the offensive security professionals, thus mitigating possible vulnerabilities found in the environment, and will schedule new periodic tests so that the company always complies with security standards and serves its customers and its own interests in the best possible way.

— Pablo Marques is a Trainee at SAFEWAY

How can we help?

SAFEWAY is an Information Security consulting company recognized by its clients for offering high value-added solutions through projects that fully meet the needs of the business. In 14 years of experience, we have accumulated several successful projects that have earned us credibility and prominence with our clients, who are largely among the 100 largest companies in Brazil.

Today, through 25 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one-stop shop with the best solutions in technology, processes and people. We have both the technical skills and the experience necessary to assist your company in structuring controls and preparing the environment for the implementation of an ISMS, SMS or BCMS and, consequently, the certification of operations, services or companies to the ISO 27001, ISO 20000 or ISO 22301 standards.

In order to support companies in this process of evaluation and adaptation to the requirements of the LGPD, SAFEWAY has in its portfolio of services the Cybersecurity Health Check, whose objective is to carry out a diagnosis of the Cybersecurity, Information Security and Data Privacy implemented in your company, covering the pillars of Processes, People and Technology.

Through the Cybersecurity Health Check, risks associated with information security and the privacy of internal processes and activities are identified, and existing and new controls are evaluated according to the size of your organization to increase the level of maturity and compliance, in accordance with good information security practices. If you would like more information, contact one of our experts!