Improve grammar & meaning day 1

Cotchi666 2023-10-24 10:32:20 +07:00
parent c5398618bb
commit 4af49b46a8
2 changed files with 1 additions and 85 deletions

@ -6,7 +6,7 @@
English Version | [한국어](2023/ko/README.md) | [Tiếng Việt](/2023/vi/2023.md)
Dự án này được sử dụng để làm tư liệu cho chuyến hành trình có được nền tảng kiến thức tốt về “DevOps của tôi.
Dự án này được sử dụng để làm tư liệu cho hành trình xây dựng nền tảng kiến thức của tôi về “DevOps.
[![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/N4N33YRCS)
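Review bot: the replacement sentence still opens a quotation mark before DevOps (“DevOps.) and never closes it, the same defect as the line it replaces; close it after DevOps or drop the quote. Separately, the unchanged language switcher labels this file "English Version" and links to Tiếng Việt at /2023/vi/2023.md, while the edited sentence is Vietnamese, so confirm the change is landing in the intended file.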

@ -1,84 +0,0 @@
## <span style="color:red">Team đỏ</span> vs. <span style="color:blue">Team xanh dương</span>
Có điều gì đó tôi đã đề cập ở cuối phần trước, có liên quan đến Team <span style="color:red">**Đỏ**</span> và Team <span style="color:blue">**Xanh dương**</span> làm việc như một bên tấn công bên phòng thủ để cải thiện việc bảo mật ở một tổ chức.
Both teams work toward improving an organisation's security posture but in different ways.
The <span style="color:red">**Red**</span> team has the role of the attacker by trying to find vulnerabilities in code or infrastructure and attempting to break through cybersecurity defences.
The <span style="color:blue">**Blue**</span> team defends against those attacks and responds to incidents when they occur.
![](images\day04-2.jpg)
***[image from this source](https://hackernoon.com/introducing-the-infosec-colour-wheel-blending-developers-with-red-and-blue-security-teams-6437c1a07700)***
### The Benefits
A very good way to understand and better a company's security posture is to run these exercises between the <span style="color:red">**Red**</span> and <span style="color:blue">**Blue**</span> teams. The whole idea is that this scenario is there to mimic a real attack. Some of the areas that this approach will help are the following:
- Vulnerabilities
- Hardening network security
- Gaining experience in detecting and isolating attacks
- Build detailed response plans
- Raise overall company security awareness
### <span style="color:red">Red Team</span>
NIST (national institute of standards and technology) describes the <span style="color:red">**Red**</span> Team as:
“a group of people authorized and organized to emulate a potential adversarys attack or exploitation capabilities against an enterprises security posture.”
They are playing the bad actor in the scenario or simulation of the attack.
When we speak about both <span style="color:red">**Red**</span> and <span style="color:blue">**Blue**</span> team it is possibly wider than the DevSecOps process and principles of a software lifecycle but knowing this is not going to hurt and practices from DevSecOps will ensure overall that you have a better security posture.
The <span style="color:red">**Red**</span> team, is tasked with thinking like the attacker which we covered in the last session. Think about social engineering and including the wider teams within the business to manipulate and gain access to the network and services.
A key fundamental of the <span style="color:red">**Red**</span> team is understanding software development. Understanding and knowing how applications are built, you are going to be able to identify possible weaknesses, then write your programs to try and gain access and exploit. On top of this though you may have heard the term "penetration testing" or "pen testing" the overall aim for the <span style="color:red">**Red**</span> team is to identify and try to exploit known vulnerabilities within an environment. With the rise of Open Source software, this is another area that I want to cover in a few sessions time.
### <span style="color:blue">Blue Team</span>
NIST (national institute of standards and technology) describes the <span style="color:blue">**Blue**</span> Team as:
“the group responsible for defending an enterprises use of information systems by maintaining its security posture against a group of mock attackers.”
The <span style="color:blue">**Blue**</span> team is playing the defence, they are going to be analyse the security posture currently in the business and then take action on improving that to stop those external attacks. In the <span style="color:blue">**Blue**</span> team you are also going to be focused on continuous monitoring (something we covered in the end of 2022 regarding DevOps) monitoring for breaches and responding to them when they occur.
As part of the <span style="color:blue">**Blue**</span> team you are going to have to understand the assets you are protecting and how to best to protect them. In the IT landscape today we have lots of diverse options to run our workloads, applications and data.
- Assessing Risk - through the form of risk assessments is going to give you a good understanding what are the most critical assets within the business.
- Threat Intelligence - What threats are out there? There are thousands of vulnerabilities out there possibly without a resolution how can you mititgate risk of those services without damaging the use case and the business need?
### Cybersecurity colour wheel
As Cybersecurity grows in importance with all the big brands getting hit there is a need for more than just the <span style="color:red">**Red**</span> and <span style="color:blue">**Blue**</span> teams when it comes to security within a business.
![](images\day04-1.png)
***[image from this source](https://hackernoon.com/introducing-the-infosec-colour-wheel-blending-developers-with-red-and-blue-security-teams-6437c1a07700)***
- The <span style="color:yellow">**Yellow Team**</span> are our builders, the engineers and developers who develop the security systems and applications.
"We have our <span style="color:red">**Red**</span> and <span style="color:blue">**Blue**</span> Teams just as we always have, but now with the introduction of a <span style="color:yellow">**Yellow**</span> Team, we can have secondary coloured teams (Orange, Green and Purple) dedicated to mixing skills between attackers, defenders and codersmaking code more secure and the organisation more secure."
The above abstract was taken from the top resource listed at the end of the post.
<span style="color:red">**Red**</span>, <span style="color:blue">**Blue**</span>, <span style="color:yellow">**Yellow**</span> are primary colours, combine them and we start to understand where the other colours or secondary colours come into play, again a really great explanation in that first link.
- <span style="color:purple">**Purple Team**</span> - The special team! If you take <span style="color:blue">**Blue**</span> and <span style="color:red">**Red**</span> you get <span style="color:purple">**Purple**</span>. If you integrate defence with offence and you collaborate and share knowledge between the teams you overall provide a better posture throughout.
- <span style="color:green">**Green Team**</span> - Feedback loop, the <span style="color:green">**Green**</span> team are going to take insights from the <span style="color:blue">**Blue**</span> team and work closely with the <span style="color:yellow">**Yellow**</span> team to be more efficient. Mix <span style="color:blue">**Blue**</span> and <span style="color:green">**Green**</span> and what do you <span style="color:purple">**get**</span>?
- <span style="color:orange">**Orange Team**</span> - Much like the <span style="color:green">**Green**</span> team working with the <span style="color:blue">**Blue**</span> team for feedback, the <span style="color:orange">**Orange**</span> team works with the <span style="color:red">**Red**</span> team and pass on what they have learnt to the <span style="color:yellow">**Yellow**</span> team to build better security into their code.
When I got into researching this I realised that maybe I was moving away from the DevOps topics but please anyone in the DevSecOps space is this useful? correct? and do you have anything to add?
Obviously throughout we have the plan to dive into more specifics around DevSecOps and the different stages so I was being mindful that I did not want to cover those areas that will be covered in future sessions.
Also please add any additional resources.
## Resources
- [Introducing the InfoSec colour wheelblending developers with red and blue security teams.](https://hackernoon.com/introducing-the-infosec-colour-wheel-blending-developers-with-red-and-blue-security-teams-6437c1a07700)
See you on [Day 5](day05.md).
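Review bot: the whole file is deleted here (@ -1,84 +0,0), which accounts for 84 of the 85 deletions, yet the commit message only mentions grammar and meaning improvements. The removed text was partly translated (the heading and first paragraph are Vietnamese, the rest English), so if it is being dropped until the translation is finished, or was moved elsewhere, say so in the message. The pages chain to each other with links such as See you on [Day 5](day05.md), so check whether another page still links to the file being removed.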