Resources
> Action Map & MITRE Methods
Action Map or MITRE methods provides a chronological visualization of a red team's activities during an engagement. It shows the sequence of actions, techniques used, and their relationships—helping stakeholders understand the attack path and progression. Use template at draw.io
> Rules of Engagement
Software Testing Scoring Matrix is a structured evaluation framework that assigns numerical values to different aspects of software testing. This helps teams quantify and prioritize testing efforts based on risk levels and complexity.
> Assessment Report
Red team assessment report documents security vulnerabilities, attack paths, and recommendations identified during an engagement. It presents findings in a structured format that connects technical discoveries with business impact, driving meaningful security improvements. Word Doc Template
> Hot Wash
Hot Wash is an immediate post-operation debriefing where team members discuss outcomes, share observations, and identify lessons learned—all while details remain fresh in their minds.
> Software Testing and Vetting
Rules of engagement (ROE) are formal guidelines that define the scope, boundaries, and acceptable methods for conducting red team assessments, ensuring both the safety of systems and clear communication between red teams and organizations. Word Doc Template
> Cyber Effects Spreadsheet
Pre-Engagement planner is a strategic tool that helps red teams prepare for engagements by gathering intelligence, understanding client requirements, and developing a plan of action before beginning the scoping process.
> Pre-Engagement Planner
Cyber effects are deliberate actions taken in cyberspace that create changes in the cyber or physical world, ranging from network disruption and data manipulation to impacts on physical infrastructure through cyber-physical systems.
