1 · Scope the exercise
Choose a MITRE adversary or keep it ad-hoc, then add the techniques you plan to emulate.
Loading MITRE groups, malware, and campaigns…
- Loading dashboard-data.json…
2 · Build the scenario playlist
Name it, keep the list short, and sanity check which steps you actually expect to detect.
| # | Technique | Expectation | Status | |
|---|---|---|---|---|
| Add techniques from the list above. | ||||
3 · Track detections live
Flip steps to detected or missed as soon as red executes them.
Add techniques to enable tracking.
4 · Share the summary
Copy the text below into email, chat, or your detection backlog.