II.
Workflow overview
Reference · liveworkflow:phishing-simulation-exercise
Phishing Simulation Exercise overview
Plans and executes simulated phishing campaigns against the organization -- selecting attack vectors (credential harvesting, malware attachment, business email compromise), distributing test payloads, measuring click and credential-submission rates, analyzing response times of reporting mechanisms, debriefing results with leadership, and triggering targeted security awareness training for high-risk cohorts. Excludes real-world incident response.
Attributes
displayName
Phishing Simulation Exercise
workflowKind
security
triggerType
scheduled
typicalCadence
quarterly
complexity
cross-team
description
Plans and executes simulated phishing campaigns against the organization --
selecting attack vectors (credential harvesting, malware attachment, business
email compromise), distributing test payloads, measuring click and
credential-submission rates, analyzing response times of reporting
mechanisms, debriefing results with leadership, and triggering targeted
security awareness training for high-risk cohorts. Excludes real-world
incident response.
Outgoing edges
applies_to_domain2
- domain:cybersecurity·DomainCybersecurity
- domain:security·DomainSecurity
involves_role2
- role:security-reviewer·RoleSecurity Reviewer
- role:engineering-manager·RoleEngineering Manager
performed_by_org_unit2
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:engineering·OrgUnitEngineering
requires_skill_area2
- skill-area:identity-security·SkillAreaIdentity & Access Security
- skill-area:network-security·SkillAreaNetwork Security
triggers_responsibility2
- responsibility:security-review·ResponsibilitySecurity review
- responsibility:threat-modeling·ResponsibilityThreat modeling
Incoming edges
None.