Definition(s)


Blue Team

A group that defends an enterprise’s information systems when mock attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to rules established and monitored by a neutral group (i.e., the White Team).

Also, a group that conducts operational vulnerability evaluations and recommends mitigation techniques to customers ho need an independent technical review of their cybersecurity posture.

Adapted from: CNSSI 4009

Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards

Comments are closed.