Red & Blue Team Program
Classification: CONFIDENTIAL — Internal Use Only
Document: security/redblue/index.md · v1.0 · 2026-03-16 · GPUS-IT
Program overview
The GPUS-IT Red & Blue Team program provides structured adversarial testing and defensive validation to improve the organization's security posture. The program operates on a quarterly cadence with annual full-scope exercises.
| Role |
Description |
| Red Team |
Simulates attacker behavior — phishing, exploitation, lateral movement |
| Blue Team |
Defends, detects, and responds — Fail2ban, auditd, AIDE, ELK |
| Purple Team |
Red + Blue working together — focuses on control validation and gap closure |
| Tabletop |
Discussion-based exercises — no live attack, tests decision-making and procedures |
Program status
| Exercise Type |
Completed |
Planned |
Next |
| Red team |
0 |
1 (Q4 2026) |
Q4 2026 |
| Blue team drills |
0 |
2 (Q2–Q3 2026) |
Q2 2026 |
| Tabletop exercises |
0 |
2 (Q2–Q3 2026) |
Q2 2026 |
| Phishing simulation |
0 |
1 (Q3 2026) |
Q3 2026 |
| Full DR drill |
0 |
1 (Q4 2026) |
Q4 2026 |
2026 exercise calendar
| Quarter |
Exercise |
Type |
Duration |
Owner |
| Q2 2026 |
Ransomware tabletop |
Tabletop |
3 hrs |
IT Manager |
| Q2 2026 |
DNS failover drill |
Blue team |
2 hrs |
DNS Admin |
| Q3 2026 |
Phishing simulation |
Red team |
2 weeks |
IT Admin + external |
| Q3 2026 |
Insider threat tabletop |
Tabletop |
2 hrs |
IT Manager + HR + Legal |
| Q4 2026 |
Full DR drill |
Blue team |
Full day |
IT Manager + Full team |
| Q4 2026 |
External red team |
Red team |
2–4 weeks |
External firm |
Quick links