Glossary
Red team / blue team / purple team
The teams that attack (red), that defend (blue) and that make them cooperate (purple) to strengthen security.
During an exercise, the red team plays the attackers to test the organisation, while the blue team defends and detects. The purple team is not a permanent third team, but the cooperation between the two: the attackers share their methods so that the defenders improve. The aim is not to "win", but to raise the real level of protection.
See also
BCP / DRPThe plans to keep operating during a crisis (BCP) and then to bring the systems back up afterwards (DRP).RTO / RPOTwo recovery objectives: how long we can hold out without the service (RTO), and how much data we can lose (RPO).CERT / CSIRTA team specialised in preventing and handling cybersecurity incidents.Defence in depthStacking several independent protections, so that a single flaw is never enough to compromise everything.