Blue Team and Red Team

Jun 1, 2019

One of the most common questions is the difference between the red and blue teams. People are also confused about why there are two teams in cybersecurity and can one replace the other? In short, there are two teams by standing on two perspectives in cybersecurity, and we need them both. The blue team stands on the defender’s side, in which the team focuses on visibility, context, and control. On the other hand, the red team is on the attacker’s point to test the strength of points in defense. ...

I have a CCIE, so what's my level of security

May 5, 2019
Security, CCIE

CCIE is a good proof of what you have learnt, but it may be far away from what you will experience. The past 2018, I hosted a couple of security workshops all over the world. During them, I was asked the same question for many times: “I am trying to have/have passed a certificate of xxx, what’s my level in the security area?” Like what I always suggest people who ask a similar question of CCIE, I’d like to use the most well-known terminology in the networking industry: It depends, which can be illustrated in two perspectives. ...

Security devices aren't good enough because they aren't bought properly

Feb 5, 2019

Through my consulting experience started from last year, there were a couple of times when attendees were talking about the performance and usability issues of their security products. Interestingly enough, I found most of these issues were not related to the performance and features at all. Instead, they were more close to how devices are bought. Among the discussions, a shared process is locking a brand, then deciding which models had the best fit in their environment and finally sought partners for the final procurement. ...