Works with the AI tools you already use

    CCCGGVW

    Security Operations Tabletop Exercise Facilitator

    2

    Design, facilitate, and document professional security incident response tabletop exercises and after-action reports.

    $15

    · or 75 credits

    30-day refund guarantee

    Secure checkout via Stripe

    About this skill

    High-Fidelity Security Tabletop Facilitation

    This skill automates the complex process of designing, running, and documenting professional security operations tabletop exercises (TTX). Instead of spending days drafting scenarios and injects, developers and security leads can generate comprehensive exercise packages tailored to their specific stack and playbooks.

    What it does

    • Architects realistic multi-stage incident scenarios (Ransomware, BEC, Supply Chain, etc.).
    • Generates timed "injects" with specific evidence artifacts (log snippets, alerts, tickets).
    • Validates existing IR playbooks and cross-functional escalation workflows.
    • Produces professional After Action Reports (AAR) with strength/gap analysis and remediation trackers.

    Why use this skill

    Prompting a generic AI often results in shallow, linear stories. This skill follows a rigorous evaluation framework, forcing participants to make hard decisions at each stage. It integrates context from your SIEM, EDR, and SOAR tools to create realistic technical hurdles while managing the non-technical aspects like legal, PR, and executive briefings. It ensures your IR drills are audit-ready and demonstrate measurable resilience improvement.

    Supported Deliverables

    • Exercise Plan: Strategy, scope, and objectives.
    • Facilitator Guide: Detailed prompts, expected answers, and observer notes.
    • Inject Schedule: A timeline of technical and business developments.
    • Scorecard & AAR: Structured evaluation of team performance and gap identification.

    Details

    How to install

    Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.

    Security Scanned

    Passed automated security review

    Permissions

    No special permissions declared or detected

    Frequently Asked Questions