“The blue team is responsible for the detection, assessment, investigation, correlation, and recommendations to the system owner to remediate an incident.”
James Medlock is a 25-year Army veteran with multiple job skills, a cyber operations specialist, a satellite network engineer, and an SME. He also has worked on designing and supporting communications systems for the military as a senior satellite engineer and staff engineer for General Dynamics, has written his name on a Milstar communications satellite before it was launched into space, has a bachelor's degree and a master's degree in management of information systems, has eight years working with IT and OT in the oil and gas industry, has a bunch of certificates in a box in his closet, serves as a high school cyber patriot mentor, was the technical editor for three books, has written multiple technical manuals for Army communication equipment, is a board member for a couple of conferences, is a DEF CON walker of 15,000 steps a day, was an illuminati party-goer, and is a friend to many, father of five, and spouse to one.
How do you define a blue team?
The blue team is responsible for the detection, assessment, investigation, correlation, and recommendations to the system owner to remediate an incident. They should also be involved in post-remediation validation. This does not mean ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month, and much more.
