LOGBOOK

HELP

Quiz Entry - updated: 2026.06.20

In cybersecurity, what is the core difference between an offensive ("red team") and a defensive ("blue team") posture?

Defensive/blue team protects and reacts — it builds resilience using monitoring and controls; offensive/red team tests and simulates threats — it hunts for weaknesses using attacker techniques, ethically.

Think of it as castle guards versus a hired team of friendly burglars. The blue team (defensive) focuses on resilience: detection, response, and hardening. The red team (offensive) focuses on weaknesses: it ethically uses real attacker tactics to find the holes before a real adversary does. Mature organizations need both — and increasingly run them together ("purple teaming") so the attackers' findings continuously sharpen the defenders.

From Quiz: ISM / Threat & Impact Modelling | Updated: Jun 20, 2026