Phishing Simulation Exercise

workflow:phishing-simulation-exercise

Workflowworkflows/workflows/workflows-security-compliance-deep.yaml·Open in Graph →

{
  "id": "workflow:phishing-simulation-exercise",
  "_kind": "Workflow",
  "_file": "workflows/workflows/workflows-security-compliance-deep.yaml",
  "_cluster": "workflows",
  "attributes": {
    "displayName": "Phishing Simulation Exercise",
    "workflowKind": "security",
    "triggerType": "scheduled",
    "typicalCadence": "quarterly",
    "complexity": "cross-team",
    "description": "Plans and executes simulated phishing campaigns against the organization --\nselecting attack vectors (credential harvesting, malware attachment, business\nemail compromise), distributing test payloads, measuring click and\ncredential-submission rates, analyzing response times of reporting\nmechanisms, debriefing results with leadership, and triggering targeted\nsecurity awareness training for high-risk cohorts. Excludes real-world\nincident response.\n"
  },
  "outgoingEdges": [
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "role:security-reviewer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "role:engineering-manager",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "skill-area:identity-security",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "skill-area:network-security",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "domain:cybersecurity",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "domain:security",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "responsibility:security-review",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "responsibility:threat-modeling",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "org-unit:security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    },
    {
      "from": "workflow:phishing-simulation-exercise",
      "to": "org-unit:engineering",
      "kind": "performed_by_org_unit",
      "attributes": {}
    }
  ],
  "incomingEdges": []
}

{ "id": "workflow:phishing-simulation-exercise", "_kind": "Workflow", "_file": "workflows/workflows/workflows-security-compliance-deep.yaml", "_cluster": "workflows", "attributes": { "displayName": "Phishing Simulation Exercise", "workflowKind": "security", "triggerType": "scheduled", "typicalCadence": "quarterly", "complexity": "cross-team", "description": "Plans and executes simulated phishing campaigns against the organization --\nselecting attack vectors (credential harvesting, malware attachment, business\nemail compromise), distributing test payloads, measuring click and\ncredential-submission rates, analyzing response times of reporting\nmechanisms, debriefing results with leadership, and triggering targeted\nsecurity awareness training for high-risk cohorts. Excludes real-world\nincident response.\n" }, "outgoingEdges": [ { "from": "workflow:phishing-simulation-exercise", "to": "role:security-reviewer", "kind": "involves_role", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "role:engineering-manager", "kind": "involves_role", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "skill-area:identity-security", "kind": "requires_skill_area", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "skill-area:network-security", "kind": "requires_skill_area", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "domain:cybersecurity", "kind": "applies_to_domain", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "domain:security", "kind": "applies_to_domain", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "responsibility:security-review", "kind": "triggers_responsibility", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "responsibility:threat-modeling", "kind": "triggers_responsibility", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "org-unit:security-team", "kind": "performed_by_org_unit", "attributes": {} }, { "from": "workflow:phishing-simulation-exercise", "to": "org-unit:engineering", "kind": "performed_by_org_unit", "attributes": {} } ], "incomingEdges": [] }