Worked Examples
Detailed worked examples using NRECA (National Rural Electric Cooperative Association) as the target organization. These examples demonstrate each module's workflow with real-world data and tools. All data is derived from publicly available sources; breach results are hypothetical.
| Example | Module | Description |
|---|---|---|
| NRECA Domain Discovery | M2 | Certificate transparency search, subdomain enumeration (100+ subdomains under cooperative.com), remote access identification, and Google dork queries |
| NRECA Personnel Analysis | M3 | OT-relevant personnel discovery, tier assignments, email format identification, hypothetical breach database checks, and risk prioritization |
| Fortinet Vulnerability Correlation | M4 | FortiGate FortiOS 7.4.6 CPE generation, CVE-2025-59718 correlation, CISA KEV timeline, P0 classification, and risk summary |
| Google Alerts Configuration | M5 | Five NRECA-specific alert queries with configuration settings, alert routing guidance, and other push-based alert sources |
Downloadable NRECA Examples
Pre-filled monitoring documents using NRECA data from the workshop. These show what completed artifacts look like with organization-specific queries, personnel, and baseline references.
| Document | Module | Download | Description |
|---|---|---|---|
| NRECA Monitoring Checklist | M5 | Word | Weekly and monthly checklists pre-filled with NRECA queries (FortiGate Shodan search, CT for 4 domains, HIBP for Tier 1 personnel), hypothetical finding entries, and cycle summaries |
| NRECA Operational Runbook | M6 | Word | Full runbook with NRECA-specific daily triage (5 Google Alert queries), weekly checks (FortiGate, KEV, CT, HIBP), monthly review, and quarterly assessment with [CORE]/[FULL] labels and escalation contacts |