Blue Team
These are The Defenders; a blue team is like a red team. It assesses network security and identifies any possible vulnerabilities. What makes a blue team different is that once a red team imitates an attacker and attacks with tactics and techniques, a blue team is there to find ways to defend against the attacks. Changing the defense mechanisms to make the incident response much stronger. As a red team, the blue team is aware of the same malicious tactics and techniques to build protective strategies around them. The Blue team’s activity isn’t exclusive to attacks. They’re continuously trying to strengthen the entire security footprint, using software like an IDS (intrusion detection system) that provides them with an ongoing analysis of unusual and suspicious activity.