Podcast:  The InfoSec Color Wheel with Jasmine Henry

by

We've all heard of "Red Teams" and "Blue Teams" when it comes to cybersecurity. But what about the "Purple Team", the "Yellow Team" or the "Blue Team". What are those?

In February of 2020, Louis Cremen introduced the InfoSec Colour Wheel to the security community. The wheel expands upon April Wright's work on bringing builders into the security team. The value of the wheel is to show the various types of security teams, seven in all, and the role each plays in security.

Jasmine Henry brought the wheel to my attention last month. As she and I talked, we realized the InfoSec Wheel can be used as a thought exercise to show beginning cybersecurity professionals the various roles they can play within the community. This led to the discussion of careers in cybersecurity and what the near future looks like. 

In this broadcast, we'll evaluate the wheel, talk through each of the seven personas and give our thoughts on the value of each role, how it works with the other roles, and the basics of what each provides. Let's figure out what your primary color is.

About Jasmine Henry

Jasmine Henry is a security practitioner who's used JupiterOne to create a compliant security function at a cloud-native startup. She has 10 years of experience leading security programs, an MS in Informatics and Analytics, and a commitment to mentoring rising security practitioners from underrepresented backgrounds. Jasmine is a Career Village co-organizer for The Diana Initiative security conference. She lives in the Capitol Hill neighborhood of Seattle, WA.

The OWASP Podcast Series is supported by the Open Web Application Security Project, home to over 240 community driven security projects, including the OWASP Top 10, the Web Security Testing Guide, and the Security Knowledge Framework projects. And by JupiterOne, helping visualize, secure, and govern your cyber asset universe. 

Mark Miller
Mark Miller

Mark Miller speaks and writes extensively on DevSecOps and Cybersecurity. He has published 9 books, including "Modern Cybersecurity: Tales from the Near-Distant Future"

Keep Reading

Better Together: CMDB + CSPM = Cloud Native Cyber Asset Management
September 4, 2024
Blog
Better Together: CMDB + CSPM = Cloud Native Cyber Asset Management

There is a lot of confusion out there when it comes to cloud native IT and cloud security tools. Things have gotten rather complicated over the last few years as we

Top Takeaways From the Cyentia Institute’s Inaugural Study of EPSS Data and Performance - "A VISUAL EXPLORATION OF EXPLOITATION IN THE WILD"
July 30, 2024
Blog
Top Takeaways From the Cyentia Institute’s Inaugural Study of EPSS Data and Performance

A CISO's Top 6 Takeaways From the Cyentia Institute’s Inaugural Study of EPSS Data and Performance "A Visual Exploration of Exploitation in the Wild"

Open Source Compliance, Endpoint and Vulnerability Management with Fleet | JupiterOne
July 24, 2024
Blog
Open Source Compliance, Endpoint and Vulnerability Management with Fleet

Here’s how Fleet integrates with JupiterOne to gain comprehensive insights and enhance the security in our environment.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.