: Blue teams focus on incident mitigation and forensic investigations after a breach occurs.
: Tools like firewalls and Intrusion Prevention Systems (IPS) block traffic based on preset rules. defensive measure
: Employee training, phishing simulations, and implementing Multi-Factor Authentication (MFA) are critical to stopping social engineering attacks. 2. Sports Analytics (Measuring Performance) : Blue teams focus on incident mitigation and