performing-soc-tabletop-exercise
Installation
SKILL.md
Performing SOC Tabletop Exercise
When to Use
Use this skill when:
- Annual or semi-annual incident response testing is required (NIST, ISO 27001, PCI DSS compliance)
- New SOC analysts need exposure to major incident scenarios in a controlled environment
- Updated playbooks need validation before next real incident
- Cross-functional coordination (SOC, IT, Legal, PR, Executive) needs rehearsal
- Post-incident reviews reveal gaps requiring scenario-based training
Do not use as a replacement for technical purple team exercises — tabletop exercises test processes and decision-making, not technical detection capabilities.