Offensive Security vs Defensive Security

MOC Cybersecurity

Created: 2022-06-30
Tags: #literature


Abstract:

  • Offensive Security
  • Defensive Security
  • The jobs of Defensive Security

Offensive security (Red Team)

  • breaks into computer systems,
  • exploiting software bugs, and
  • finding loopholes in applications to gain unauthorized access to them.

To beat a hacker, you need to behave like a hacker, finding vulnerabilities and recommending patches before a cybercriminal does.

Defensive Security (Blue Team)

  • investigating infected computers to understand how they were hacked
  • tracking down cybercriminals
  • monitoring infrastructure for malicious activity.

Security Analyst deals with detecting attacks

Monitor various systems in the organisation and detect whether any of these systems are being attacked.

To do this, you need to understand how underlying technologies work and then understand what attacks against these technologies look like.

Incident Responder

Usually brought in once an attack has already occurred.
Understands what actions an attacker has taken and the impact they caused.
Analyses trace evidence left by an attacker.

To do this, you need to know how underlying technologies work and what potential attacks could be carried out against a system. They

Malware analysis

Understands exactly what a piece of malware is doing, making it possible to create a plan to prevent further abuse.

Malicious Hackers would

  • use malicious software in any stage of their attack cycle,
  • from gaining access to a system to maintaining persistence.