Engagement documentation is an extension of campaign planning where ideas and thoughts of campaign planning are officially documented. In this context, the term โdocumentโ can be deceiving as some plans do not require proper documentation and can be as simple as an email; this will be covered later in this task.
In this task, we will cover a technical overview of the contents of each campaign plan prior to looking at the plans and documents themselves in upcoming tasks.
Engagement Plan:
| Component | Purpose |
| CONOPS (Concept of Operations) | Non-technically written overview of how the red team meets client objectives and target the client. |
| Resource plan | Includes timelines and information required for the red team to be successfulโany resource requirements: personnel, hardware, cloud requirements. |
Operations Plan:
| Component | Purpose |
| Personnel | Information on employee requirements. |
| Stopping conditions | How and why should the red team stop during the engagement. |
| RoE (optional) | - |
| Technical requirements | What knowledge will the red team need to be successful. |
Mission Plan:
| Component | Purpose |
| Command playbooks (optional) | Exact commands and tools to run, including when, why, and how. Commonly seen in larger teams with many operators at varying skill levels. |
| Execution times | Times to begin stages of engagement. Can optionally include exact times to execute tools and commands. |
| Responsibilities/roles | Who does what, when. |
Remediation Plan (optional):
| Component | Purpose |
| Report | Summary of engagement details and report of findings. |
| Remediation/consultation | How will the client remediate findings? It can be included in the report or discussed in a meeting between the client and the red team. |