A company hires a cybersecurity firm to perform a security assessment by simulating real-world cyberattacks to identify vulnerabilities. Which team is responsible for performing this offensive testing?

The purple team acts as a bridge between the red team (offensive) and blue team (defensive) to enhance collaboration and communication. While they play a crucial role in integrating findings from both teams, they do not conduct offensive testing themselves, which is the primary responsibility of the red team.

The white team is primarily responsible for overseeing and managing the security assessment process, ensuring that the rules of engagement are followed. They do not engage in offensive testing but rather serve as referees to maintain order and ensure that the exercise meets its objectives.

The blue team focuses on defending against attacks and strengthening the security posture of the organization. They monitor and respond to threats but do not engage in offensive testing, which is the domain of the red team. Their role is to improve defenses based on the insights provided by the offensive assessments.