Security Teams
Blue Team
The Blue Team are the defenders. They are responsible for maintaining the security posture of the organization, monitoring for threats, and responding to incidents.
1 Mission: Protect & Serve
Constant Vigilance
While Red Teams attack periodically, Blue Teams must defend 24/7. They configure firewalls, analyze logs, patch systems, and hunt for intruders who might have slipped past the defenses.
2 Core Responsibilities
Monitoring
Using SIEM tools to watch network traffic for suspicious anomalies.
Patch Management
Ensuring software and operating systems are up-to-date to fix known vulnerabilities.
Incident Response
Containing and eradicating threats when a breach occurs.