The IT Law Wiki
The IT Law Wiki

Definitions[]

Red Team is

[a] group authorized and organized to emulate a potential adversary'’s attack or exploitation capabilities against an enterprise'’s cybersecurity posture.[1]
[a] technique for assessing vulnerability that involves viewing a potential target from the perspective of an attacker to identify its hidden vulnerabilities and to anticipate possible modes of attack.[2]
[a]n organizational element comprised of trained and educated members that provide an independent capability to fully explore alternatives in plans and operations in the context of the operational environment and from the perspective of adversaries and others.[3]

Overview[]

"The Red Team's objective is to improve enterprise Information Assurance by demonstrating the impacts of successful attacks and by demonstrating what works for the defenders (i.e., the Blue Team) in an operational environment.[4]

References[]

  1. NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text); CNSSI 4009.
  2. U.S. Department of Justice, Minimum Criminal Intelligence Training Standards for Law Enforcement and Other Criminal Justice Agencies in the United States 45 (Ver. 2) (Oct. 2007) (full-text).
  3. U.S. Department of Defense, Joint Intelligence Preparation of the Operational Environment (Joint Pub. 2-01.3) (June 16, 2009), at GL-8 (full-text).
  4. CNSSI 4009.

See also[]