4.1 Overview
| No: 56224/67 | Date(g): 13/5/2019 | Date(h): 9/9/1440 | Status: In-Force |
Effective from 2019-05-13 - May 12 2019
To view other versions open the versions tab on the right
At the beginning of this phase, the Green and White Team should independently provide their available Threat Intelligence (TI) to the Red Team. The Red Teaming provider will combine the received Threat Intelligence, with their own Threat Intelligence (which should be based on their own sources, their experience and earlier executed tests). Based on the combined threat intelligence the Red Team determines the attack scenarios and strategies. These attack scenarios and strategies are than discussed with the Green Team before defining the detailed attack Tactics, Techniques and Procedures (TTPs). If necessary, a discussion with Red and White Team should be initiated to further discuss and agree on the final attack scenarios in the light of Green Team comments.
The scenario phase usually takes several weeks (maximal five (5) weeks). An overview of the process is depicted below:
