The Infosec Color Wheel

A visual framework for understanding how security teams are structured — and what tools, roles, and responsibilities belong to each domain.

The color wheel framework was introduced by April C. Wright in her 2017 Black Hat presentation "Orange Is the New Purple." It expands the traditional Red/Blue team model into a complete spectrum of security disciplines.

This site maps each color to the teams, tools, and career roles that live within it — helping early-career security professionals understand the landscape and where to focus their learning.

The 7 Teams

Red Team

Offense & Adversary Simulation

Red teams simulate real-world attackers to test an organization's defenses. They use the same tools and techniques as adversaries to find vulnerabilities before malicious actors do.

Blue Team

Defense, Detection & Response

Blue teams defend organizations from cyber attacks through continuous monitoring, threat detection, incident response, and digital forensics. They are the guardians of the network.

Yellow Team

Secure Development & Architecture

Yellow teams build security into software and systems from the ground up. They ensure that applications, infrastructure, and pipelines are designed and coded with security as a first-class requirement.

Purple Team

Red + Blue Collaboration & Validation

Purple teams bridge the gap between Red and Blue teams. By combining offensive and defensive knowledge, they run collaborative exercises that improve detection capabilities and validate security controls in real time.

Green Team

Blue + Yellow — Secure Ops & Automation

Green teams combine defensive operations with software engineering. They build detection capabilities into code, automate security workflows, and improve logging and observability across the stack.

Orange Team

Red + Yellow — Security Culture & Training

Orange teams bridge offensive security knowledge and development teams. They train developers to think like attackers, build security awareness programs, and embed offensive knowledge into the development culture.

White Team

Governance, Risk & Compliance

White teams govern all security activities. They set policy, manage risk, ensure compliance, and oversee exercises. They are the authority that defines the rules of engagement for all other teams.

Community contributions welcome — submit a tool, team, or role.