jehna 
Ian Costa@jehna Most likely: do you "build" security infrastructure/tools (SOC, endpoint detection, etc.) vs "break" into the security systems (pentesting, malware/red team tool developer, maybe risk assessment)
@IanCosta so essentially blue vs red team?
@jehna That's what I've heard it used as. But someone can be a breaker in a blue team (testing rules and security controls being built) and a builder in a red team (creating C2 infrastructure, building red team tools, purple teaming/assisting the blue team/client on how to fix issues found)