wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

CyberSecurity Color Wheel

profile
Uzma Behlim
Sep 06, 2022
1 Like
2 Discussions
213 Reads

It's uncommon for discussions on cybersecurity technology to be very colourful.  If you look at articles on the topic, almost all of them likely have accompanying images with minimal colours. Although there won't be any colourful images in this blog, a few colours that are significant in the world of security testing will be discussed.

What Is the Cybersecurity Color Wheel?

The cybersecurity color wheel is basically a multicolored circle that represents the various fields in cybersecurity. It is made up of primary colors, secondary colors, and white.

The primary colors are red, blue, and yellow; the secondary colors are a combination of those primary colors, and they include purple, orange, and green. In total, there are seven colors in the cybersecurity color wheel. These colors each represent a team in cybersecurity, and they all have their differing functions and career paths.

The cybersecurity color wheel was created by April C. Wright in 2017. She wrote a paper on the color wheel to expand and shed more light on the different fields in cybersecurity. Formerly, the only teams known in cybersecurity were the red and blue teams. But the security field has expanded beyond those teams.

“The Proposal Is To Promote The Idea Of Collaboration To Align The Goals And Objectives Of Different Teams.”

-Wright

Wright’s color wheel is actually a simplified one, which only features six colors: the primary and secondary ones. The colors yellow, blue, and red are positioned non-contiguously. Meanwhile, the colors green, orange, and purple are placed between the primary colors.

Primary Colors

Red

Red represents “The Breakers.” They are the team commissioned to perform “ethical hacking” on an organization. They are authorized to do whatever it takes to breach the security defenses. They perform more than just penetration testing. They can also conduct compliance testing, black-box testing, web app scanning, social engineering, and a host of other attacks. Just like the yellow and blue teams, the red team cannot be the same as the other two teams.

Blue

Blue represents “The Defenders,” the group tasked with the protection of the system created by the yellow team. They are responsible for implementing defensive security, damage control, and incident response. They may also play the role of threat hunters, operational security wardens, and data forensics experts. The blue and yellow teams may not be the same, because it will defeat the purpose of having different entities dedicated to specific functions. Also, they cannot have a point of blend-in (in the color wheel) if they’re one and the same.

Yellow

Yellow stands for “The Builders.” This is the team responsible for developing the security system of an organization. They could be an in-house IT department or a third-party security solutions provider. They may also be app or software developers, who are expected to ascertain that their applications are adequately secure.

Secondary Colors

The secondary colors represent a change in mindset on the part of the different teams or joint activities between teams.

Orange

The orange team stems from the need to bridge the gap between the red and the yellow team. Their primary responsibilities are education and facilitating interaction between the red team and the professionals building the application system.

The orange team educates the yellow team on the findings of the red and the vulnerabilities discovered during the penetration tests.

Green

The green team lies between the yellow and the blue teams. They bridge the gap between the builders and the defenders.

The main professionals in the green team are the DevSecOps Engineers. They ensure that applications are deployed and integrated securely and that the Software Development Life Cycle (SDLC) is secure.

Purple

A purple team is the combination of both offensive and defensive cybersecurity professionals, an amalgamation of the red and blue teams, who perform their responsibilities as a single unit.

Instead of the usual workflow of a red team carrying out an attack and sending a report for the blue team to patch or fix, the purple team carries out both processes together. This leads to a more efficient and time-effective approach to cybersecurity.

There are other colors as well to fill up your curiosity

The White, Black, Grey and Gold Squad.

Just don’t ignore your inquisitiveness and go search for the remaining ones

Comments ()

Sign in

Read Next

BIRYANI ! The history you never knew about

Blog banner

Is Pursuing a Dance Career in India Worth it?

Blog banner

How to feel Happy everyday day

Blog banner

Types of E-Commerce

Blog banner

Virtualization

Blog banner

Virtual machine and virtualizing

Blog banner

Deadlock

Blog banner

Cache memory

Blog banner

It's all about our Brain.- The Brain Metaphor

Blog banner

Service Transition Process in ITSM

Blog banner

Virtual memory

Blog banner

What if COVID does not exist!

Blog banner

Juveniles, Internet and Computer Crime

Blog banner

Lucidchart

Blog banner

E-learning in today's world

Blog banner

All you need to know about “Off-page SEO”

Blog banner

What Function Does SEO Serve in Digital Marketing?

Blog banner

FREE VERSION OF G-MAIL

Blog banner

"Audit" In Data Science

Blog banner

When Is the Right Time to Enrol My Toddler Into Preschool? NEP

Blog banner

Education?

Blog banner

I Personally

Blog banner

Components of GIS

Blog banner

What is a Dumpster Diving Attack?

Blog banner

DNS Cache

Blog banner

Multicore and Multithreading

Blog banner

What is a geographic information system (GIS)?

Blog banner

Super Garlicky Tomato Soup with Smashed White Beans

Blog banner

The Secure Software Development Life Cycle (SDLC)

Blog banner

Service Catalogue Management

Blog banner

indian premier league

Blog banner

How can denial-of-service(Dos) attacks be prevented?

Blog banner

Tiranga - Abbas Haveliwala

Blog banner

Microsoft Word

Blog banner

Vikrant’s first blog

Blog banner

Concurrency and Deadlocks

Blog banner

LinkedIn: Watch out for these 7 upcoming updates in 2023

Blog banner

Explaining Buffer Overflow with Example

Blog banner

Theads

Blog banner

What is Spyware? and examples of them.

Blog banner

IoT Evolution

Blog banner

The Future of Patola Weaving in a Sustainable Fashion World

Blog banner