Transiting from Red Teaming to Blue Teaming

Hi there,

I have just about to embarked on this course on Network Defense.

I came from a red teaming/penetration testing background. What attracts me about this course is: "Additionally, penetration testers will also learn more about how different networks are defended and gain a better understanding of how to penetrate them."

To be honest after these years, I don't have much working knowledge about Perimeter applicance such as Web Filter, IPS/IDS such as LanDesk/McAfee, Firewall applicances such Barracuda, Cisco, Palo Alto, Advanced Malware Protection such as Fireeye. Understanding of Network Topology such as DMZ, Zones etc, System Security.

i have knowledge on VAPT, types of misconfigurations, attacks pivoting etc.

My experience: 5 years in VAPT

Certificate : OSCP, CISSP

What are the kind of job roles available for people transiting from Red Team to Blue Team?

Find more posts tagged with

Comments

GeeLo

Hey Hi

The job role your looking for, is working as a SOC (Security Operations Center) Analyst.

You have certifications and knowledge and You referenced 5 years in VAPT and Red Team? Did you work for a company doing that?

One suggestion is to take CompTIA Network+ that will give you the core foundation in regards to network topology and also other disciplines related to networking, including wireless and cloud. Also, I would suggest to take CompTIA Cyber Security Analyst+ because that certification is the majority of all Blue Team based disciplines. In regards to needed certifications for Department of Defense, that certification covers like 5 or 6 positions on the DoDD 8750/8140 matrix.. So it's a good certification to have.

denisehilton

That's an unusual transition in my opinion because we've always been taught the defensive aspect before moving to the offensive ones.