It has since been adapted as a cybersecurity measure that works in conjunction with pen testing and ethical hacking. Known as a red team-blue-team simulation, this exercise tests security protocols and the response of those in charge of IT security.
During the exercise, there is usually a red team made up of external IT teams, but it can also include internal employees. Red team members pose as malicious hackers and try to breach an organization’s security structure.
A blue team of internal security employees reacts to a red team attack and works to defend your systems. When red and blue teams combine their efforts, they are defined as a purple team.
This collaboration is based on a symbiotic relationship where red team activities are used to train blue teams. The advantage of ‘purple teaming’ is that with proper communication, documentation and education, red teams can make sure blue teams remediate vulnerabilities and avoid repeating the same mistakes.
Red team pen testing is a carefully planned activity, although blue teams are not informed before the assessment. The lack of notice is an essential part of the red teaming process that distinguishes it from penetration testing.