Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that’s longer than the exploitation window itself.
Nobody in that chain is incompetent. Every human is doing their job correctly. The problem is the system, itsRead More
Your Purple Team Isn’t Purple — It’s Just Red and Blue in the Same Room [email protected] (The Hacker News)
by
Tags: