Works with the AI tools you already use
Security Operations Tabletop Exercise Facilitator
Design, facilitate, and document professional security incident response tabletop exercises and after-action reports.
$15
· or 75 creditsSecure checkout via Stripe
About this skill
High-Fidelity Security Tabletop Facilitation
This skill automates the complex process of designing, running, and documenting professional security operations tabletop exercises (TTX). Instead of spending days drafting scenarios and injects, developers and security leads can generate comprehensive exercise packages tailored to their specific stack and playbooks.
What it does
- Architects realistic multi-stage incident scenarios (Ransomware, BEC, Supply Chain, etc.).
- Generates timed "injects" with specific evidence artifacts (log snippets, alerts, tickets).
- Validates existing IR playbooks and cross-functional escalation workflows.
- Produces professional After Action Reports (AAR) with strength/gap analysis and remediation trackers.
Why use this skill
Prompting a generic AI often results in shallow, linear stories. This skill follows a rigorous evaluation framework, forcing participants to make hard decisions at each stage. It integrates context from your SIEM, EDR, and SOAR tools to create realistic technical hurdles while managing the non-technical aspects like legal, PR, and executive briefings. It ensures your IR drills are audit-ready and demonstrate measurable resilience improvement.
Supported Deliverables
- Exercise Plan: Strategy, scope, and objectives.
- Facilitator Guide: Detailed prompts, expected answers, and observer notes.
- Inject Schedule: A timeline of technical and business developments.
- Scorecard & AAR: Structured evaluation of team performance and gap identification.
Details
How to install
Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.
Security Scanned
Passed automated security review
Permissions
No special permissions declared or detected