Talk:Red team/Archive 1

Proposed Changes
It's been two years without any traction, thought it may be worthwhile to jump in here before making a ton of changes. Any thoughts or oppositions? - Aghassemlouei (talk) 08:10, 12 March 2016 (UTC)
 * Refocus article on actual red teaming; pare down military background
 * Define when organizations will actually benefit from a red team
 * Discuss differences between penetration testing, security assessments, tiger teams, etc
 * Cover impact of performing red team on immature organizations
 * Create a complementary article on blue teaming

reference in real world
http://www.economist.com/news/international/21678236-lot-what-passes-security-airports-more-theatrical-real-no-more

Sucks
This article sucks. It starts out describing red teams as penetration testers and then without much segue dives into "red team" as it pertains to Army operations, testing and risk management. It looks like one guy wanted to start writing about penetration testing and then some Army asshole showed up and did a copy/paste from their field manual.

I agree; I just read the whole article and I still have no idea what it really means at a basic level Theguyi26 (talk) 22:07, 27 April 2012 (UTC)theguyi26

Agree. It's a mess. Titusmars (talk) 22:28, 23 January 2014 (UTC)

Academic Hours
Is it only 720? I thought it was 740 or 750. Probably not a big difference though either way.

Using Red Team concept in the Civilian World
Here is a link to a firm that uses the "red team" concept to create alternative strategies in the areas of workflow efficiency, document management, change management, and project implementation.

www.redteamadvisors.com —Preceding unsigned comment added by FlashG1 (talk • contribs) 16:39, 30 April 2008 (UTC)

Merge Discussion
I know the term Red Team from the civilian side of penetration testing, not just from a military perspective. Merging it with Red Cell and Tiger Team may lose this meaning. Suggest also starting an article or section for Blue Team, which is the defending team in penetration testing. —Preceding unsigned comment added by Pradameinhoff (talk • contribs) 13:42, 16 September 2010 (UTC)

Oppose merge Tiger Team with Red Team. A Tiger Team appears to be a generalized troubleshooting team, rather than an OPFOR-style Red Team. These are sufficiently different to warrant distinct articles.

* Septegram * Talk * Contributions * 05:21, 9 June 2011 (UTC)

Oppose merge Tiger Team with Red Team. I think Septegram has a valid point. LQ Ninja2 (talk) 14:34, 20 January 2013 (UTC)

Blue Team
There is no complementary article for Blue Team, there should be. The Blue Team article is for a more obscure use. 70.51.9.118 (talk) 06:12, 2 July 2008 (UTC)

The Blue Team link redirects to something unrelated. — Preceding unsigned comment added by 146.103.254.11 (talk) 13:54, 5 October 2017 (UTC)

Content
I think we need to add or separate this into fields, i.e., Military, Computer, Business. LQ Ninja2 (talk) 14:31, 20 January 2013 (UTC)

Is this notion used in journalism?
In the tv series The Newsroom (several episodes in season 2) the concept of "red team"  is mentioned as a matter of course, without much explanation. In real life newspapers or tv news shows, is the idea of having a red team to look for holes in a story --The very model of a minor general (talk) 20:22, 26 September 2013 (UTC)
 * standard procedure?
 * considered a "good idea, if we only had the resources"?
 * irrelevant / unknown?

External links modified
Hello fellow Wikipedians,

I have just added archive links to one external link on Red team. Please take a moment to review my edit. If necessary, add after the link to keep me from modifying it. Alternatively, you can add to keep me off the page altogether. I made the following changes:
 * Added archive https://web.archive.org/20090419081417/http://www.acq.osd.mil:80/dsb/reports/redteam.pdf to http://www.acq.osd.mil/dsb/reports/redteam.pdf/

When you have finished reviewing my changes, please set the checked parameter below to true to let others know.

Cheers.—cyberbot II  Talk to my owner :Online 14:24, 15 February 2016 (UTC)

Fresh Look -- delete the tags or delete the article
This article has been on the backlog three years with no substantial improvement. The section on the USMC was copied from somewhere. The public domain origin of the article is no longer available. I suggest two options: delete the article, or delete all the tags. An interminable discussion is doing no one any good. Rhadow (talk) 11:05, 11 August 2017 (UTC)

External links modified
Hello fellow Wikipedians,

I have just modified 2 external links on Red team. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
 * Added archive https://web.archive.org/web/20130302035720/http://slashdot.org/topic/bi/thinking-like-an-attacker-how-red-teams-hack-your-site-to-save-it/ to http://slashdot.org/topic/bi/thinking-like-an-attacker-how-red-teams-hack-your-site-to-save-it/
 * Added archive https://web.archive.org/web/20110617105841/http://www.tradoc.army.mil/pao/tnsarchives/July05/070205.htm to http://www.tradoc.army.mil/pao/tnsarchives/July05/070205.htm

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

Cheers.— InternetArchiveBot  (Report bug) 04:33, 18 September 2017 (UTC)

External links modified
Hello fellow Wikipedians,

I have just modified one external link on Red team. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
 * Added archive https://web.archive.org/web/20161201105622/http://www.dtic.mil/cjcs_directives/cdata/unlimit/m651003.pdf to http://www.dtic.mil/cjcs_directives/cdata/unlimit/m651003.pdf

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

Cheers.— InternetArchiveBot  (Report bug) 00:31, 13 January 2018 (UTC)

News Version
The version of a Red team used for news programs should be mentioned, or at least the fact that it is used in the second season of The Newsroom. See here for at least one source. --Elisfkc (talk) 13:52, 17 July 2018 (UTC)

Example:Fixed typos, added contents, links syntax to Oauth/user Zuradr (talk) 07:11, 30 September 2019 (UTC)


Ambiguous language
"The U.S. Army then stood up a service-level Red Team, the Army Directed Studies Office, in 2004. This was the first service-level Red Team and until 2011 was the largest in the Department of Defense (DoD)." "Stood up"? This colloquialism is ambiguous and misleading. I'd suggest a change if I knew what it meant in this context.

Copyright problem removed
Prior content in this article duplicated one or more previously published sources. The material was copied from: infysec.com/services/redteam-testing. Copied or closely paraphrased material has been rewritten or removed and must not be restored, unless it is duly released under a compatible license. (For more information, please see "using copyrighted works from others" if you are not the copyright holder of this material, or "donating copyrighted materials" if you are.)

For legal reasons, we cannot accept copyrighted text or images borrowed from other web sites or published material; such additions will be deleted. Contributors may use copyrighted publications as a source of information, and, if allowed under fair use, may copy sentences and phrases, provided they are included in quotation marks and referenced properly. The material may also be rewritten, providing it does not infringe on the copyright of the original or plagiarize from that source. Therefore, such paraphrased portions must provide their source. Please see our guideline on non-free text for how to properly implement limited quotations of copyrighted text. Wikipedia takes copyright violations very seriously, and persistent violators will be blocked from editing. While we appreciate contributions, we must require all contributors to understand and comply with these policies. Thank you. LampGenie01 (talk) 18:46, 14 December 2019 (UTC)
 * Since this is still open at Copyright_problems/2019_December_14, a few notes for posterity:
 * displays a few sentences that were cut from the article in 2019. It looks like those were both copied from here, rather than the other way around. You can see the sentences have been in the article for a long time, have had their wording change slowly over time, and then appeared at that website in their 2018 form.
 * If I run Earwigs now, I also get a hit to which also appears to be backwardscopied from Wikipedia. Same thing: the section copied there was slowly built over years here, then appears to have been imported en masse there in 2018.
 * If anyone has further concerns about the article's copyright status, feel free to re-post it at WP:CP. Otherwise I'll close the 2019 report as resolved with no revdel necessary. Thanks! Ajpolino (talk) 21:45, 8 October 2020 (UTC)

Issues with lead clarity
I recently arrived here from a link in a cybersecurity article. After reading the lead, I was not able to get a good idea of what a red team is. The current first sentence, "A red team is a group that helps organizations to improve themselves by providing opposition to the point of view of the organization that they are helping.", is not very clear.

"improve themselves by providing opposition to the point of view of the organization that they are helping" is not succinct. Improve themselves how? Oppose how? "Opposition to the point of view", what is opposition?

Instead of trying to fix this sentence, and risk messing up the definition of red team for other organizations, I tried to fix the cybersecurity definition by adding the cybersecurity definition to the lead. But it recently got removed from the lead.

So I'd like to suggest that we need to fix the root issue of the wording of the first sentence. Thoughts? – Novem Linguae (talk) 01:42, 22 December 2020 (UTC)


 * @User:Novem_Linguae The first sentence is very unclear. Maybe "opposition" means "blue team" - who knows? The second sentence says about overcoming "cultural bias", which is misleading because it has very little to do with cybersecurity. So IMO, the first two sentences should be changed. Anyway, we need a good source. What do you think about this one? 85.193.228.103 (talk) 12:12, 22 December 2020 (UTC)
 * Thanks for looking into sources. I did a quick check, looks like not a lot of our official reliable sources (listed at WP:RSP) cover this topic. However, I found a "magazine", which is probably more reliable than blogs. What do you think of this one? Security Magazine. They also talk about red teams and pen tests being a different concept, and explain the differences, so that's good. – Novem Linguae (talk) 15:14, 22 December 2020 (UTC)
 * It looks like a very good article from a reliable source, the more so because the source was used in Wikipedia (15 times so far). But the source mentioned by me contains ready-made definitions (which should be rephrased a bit, of course). Do you consider it a blog? Both websites make money by selling something indirectly or by being affiliated with third parties. It is always about money :-) But yes - "your" website looks more suitable as a source, though it needs more creativity from us as editors. 85.193.228.103 (talk) 17:13, 22 December 2020 (UTC)
 * I took another look at your website. Looks like it's lower quality than a blog. It's a sales page for a company. I mean, you can use ideas from that page if you think they're correct. But from a Wikipedia policy perspective, I think that source would be considered an unreliable source. WP:RS. But that aside, if you want to take a stab at re-writing the lead, go for it. Other editors can always jump in and improve whatever we change it to. – Novem Linguae (talk) 17:55, 22 December 2020 (UTC)
 * My website contains essential information, easy to understand for laymen, while the article in your magazine does not even explain what a "red team" means. It also uses a jargon word "pentest". My first connotation was "pen + test", which did not make any sense. I think that our article is for laymen and should be clear and readable. Professionals will find a better and probably highly specialized source of information. Maybe you know much more about cybersecurity than me. If so, then feel free to use your expertise. Computer Science is a huge field of knowledge. It is hard to be good at everything. For example I am good at Python but I don't know much about C/C++. Some claim to know five programming languages. But it often means that they can write only a 30 line script that draws circles on a screen. Sometimes each circle has different color and size, in case of an advanced programmer ;-) 85.193.228.103 (talk) 20:00, 22 December 2020 (UTC)
 * Nope, no cybersecurity for me. Cybersecurity is a sub-field of sysadmin. Programming and sysadmin are different.
 * Pentest isn't that jargon-y. It has a wikipedia article at pentest.
 * Anyway, I'm just letting you know the policy. But like I said, I think you should go re-write the lead using your source anyway. Others can always "upgrade" the sources later. – Novem Linguae (talk) 20:09, 22 December 2020 (UTC)
 * Hmm. Redirecting from a jargon word is no criterion. Jargon is "words or expressions that are used by a particular profession or group of people, and are difficult for others to understand", which perfectly matches our word. Even "firewall" and "cache" are classified as jargon. Besides, try this. Note that this dictionary contains even very rare words.
 * But back to the topic. According to our article "red team" is a generic term that refers to various fields, and cybersecurity is only one of them. So I will not take the risk of being reverted. 85.193.228.103 (talk) 21:31, 22 December 2020 (UTC)

Feedback
Don't have the energy to do a full review, but I thought I may place some feedback here while you're waiting for somebody to pick it up. In general, pretty impressive! —Femke 🐦 (talk) 20:29, 24 May 2023 (UTC)
 * Difficult to avoid all the jargon, but I didn't understand "Credential hunting", "tabletop exercises",
 * – Novem Linguae (talk) 11:47, 28 May 2023 (UTC)
 * In places the article has elements of a 'how-to' style. A search for "should" should help identify a few instances. It may be better to omit or reword sentences like "This should be taken into account, and red team member's machines secured". I think a sentence like "Data can sometimes be exported from tools and then inserted into the graph database." may be similarly too "how-to", and a bit on the vague side anyway.
 * – Novem Linguae (talk) 11:47, 28 May 2023 (UTC)
 * There is a bit of a bias towards the US. Does this reflect the wider literature? I can imagine literature on this may be published outside of academia, and therefore not in English..
 * You could also tackle this by being stricter in the summary style: I'm not sure we need the "In the summer of 2015.. " paragraph
 * what I could easily fix. Trimmed a bunch of WP:UNDUE. – Novem Linguae (talk) 11:47, 28 May 2023 (UTC)
 * also newer attack vectors such as cryptocurrency mining -> I don't understand how this can be an attack vector.
 * – Novem Linguae (talk) 11:47, 28 May 2023 (UTC)

A Commons file used on this page or its Wikidata item has been nominated for speedy deletion
The following Wikimedia Commons file used on this page or its Wikidata item has been nominated for speedy deletion: You can see the reason for deletion at the file description page linked above. —Community Tech bot (talk) 14:53, 29 May 2023 (UTC)
 * Medium Rucksack.jpg