If you haven't run a joint exercise with red/blue, you can setup time to perform a postmortem of what happened during a previous red team engagement.
- Walk step by step over the engagement, and review the steps performed (kill chain)
- For each step ensure you can answer the following
- If you can't answer the answers above, assign actions/tasks to specific team members to ensure followup is performed
