Roe
Rules of Engagement
This is a document that you will have to sign with the client after the quote and they sign the master of service agreement. The quote and master of service isn’t important to you. You will only be concerned about the rules of engagement.
The rules of engagement defines the roles and responsibilities and the details of the test agreement. It will tell you what you can and can’t do.
Contents
- Dates of the test
- Disclosure
- Status updates
- External Penetration test
- IP address
- Malware test
- Cobalt Strike, Meterpreter
- Bounds of the test
- Stop Point
- Keeping Access
- Announcement
- Project Closure
- Post Mortem
- Out of Scope (Important!)
Communication
- You will receive a customer point of contact (CPOC).
- You will provide a point of contact to the customer.