this post was submitted on 16 Feb 2024
250 points (83.6% liked)

Technology

59196 readers
3776 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 8 months ago (1 children)

That's inaccurate. Red Team is the guys that test your security from an attacker view point. Red Teams are often contractors hired by companies. The companies are the ones paying to be "hacked", so they can fix whatever gaping security holes the red Team finds.

At least, that's usually the definition. If just talking about AI stuff, I'd call those people testers.

[–] [email protected] 3 points 8 months ago (2 children)

I always thought that people hired to pen test are white hat hackers? What is the difference to red team?

[–] [email protected] 4 points 8 months ago

People in red Teams are white hats. The terms describe different things. The "color wheel" is operational and thinks in the context of an organization. Red Team tries to attack our stuff, blue team tries to defend our stuff, yellow team builds our stuff etc.

White hat is just a term for ethical hackers, black hat is a term for criminals. Grey hat means someone in-between (think political hacker defacing website of organization they don't like), there is also some more but the shades of grey are most important.

[–] theherk 3 points 8 months ago

While white hats are sometimes paid, it is generally in bounties. It just means being adversarial without trying to be unethical. So, find the hole but tell the person that made it rather than the crooks that will exploit it.

A red team on the other hand is a known value. They are the bad guys in a simulation. The military exercises similarly or any organization that wants to test defenses. Red team == the make believe bad guys.