Equipo de
persona que actúan como árbitros en un ejercicio de seguridad entre el equipo
rojo (atacante) y el equipo azul (defensa).
1. The group responsible for
refereeing an engagement between a Red Team of mock attackers and a Blue Team
of actual defenders of their enterprise’s use of information systems. In an
exercise, the White Team acts as the judges, enforces the rules of the
exercise, observes the exercise, scores teams, resolves any problems that may
arise, handles all requests for information or questions, and ensures that the
competition runs fairly and does not cause operational problems for the
defender's mission. The White Team helps to establish the rules of engagement,
the metrics for assessing results and the procedures for providing operational
security for the engagement. The White Team normally has responsibility for
deriving lessons-learned, conducting the post engagement assessment, and
promulgating results.
2. Can also refer to a small
group of people who have prior knowledge of unannounced Red Team activities.
The White Team acts as observers during the Red Team activity and ensures the
scope of testing does not exceed a pre-defined threshold.
[CNSSI_4009:2010]