Internal security teams who defend against real and simulated (i.e. red team) attacks. They have to be constantly vigilant against attacks in order to be effective.

Red and blue teams should work together: it’s the job of both teams to help to strengthen a network by attacking it (red team) or defending it (blue team) and sharing results.