097e93a431
New: playbooks/sample-engagement-mid-market.md
Client profile: 500 employees, 10 admins, AD+M365 E3, Intune,
3rd party on-prem/cloud mix, NIS2 important entity, 3 offices,
hybrid work, 80 external contractors. Fictional: Nexus Operations s.r.o.
Sections:
- Client profile and engagement context
- Discovery call findings and disqualifier check
- Brownhat Diagnostic: kill chain analysis, P0/P1/P2 findings table
- 5 quick wins closeable before Day 30
- Module recommendation and rationale (Modules 2, 6, 1, 7)
- Day 30/90/180 deliverables specific to this client
- Findings backlog pre-populated (23 items, P0 all closed by Day 90)
- NIS2 Article 21 compliance map with evidence per measure
- Investment estimate (55-80 consultant days)
- Consultant notes: CISO handover, NIS2 pressure, two-domain AD,
SAP credentials scope, contractor offboarding process dependency
index.md: Sample engagement added to playbooks table
Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
155 lines
14 KiB
Markdown
# Antifragile Enterprise Consulting Repository — Index

## For Executives and Board Members

Start here. These documents require no technical background.

| Document | Purpose | Audience |
|----------|---------|----------|
| [About CQRE](core/about-cqre.md) | Who we are, what we do, how we're different — fill this before sharing with clients | CEOs, New Clients, New Hires |
| [O společnosti CQRE](core/about-cqre-cs.md) | Czech version of the company profile, for Czech clients and new team members | Czech Clients, New Hires |
| [Executive Summary](core/executive-summary.md) | One-page strategic overview — read this first | CEOs, Boards, Executive Committees |
| [C-Suite Conversation Guide](core/c-suite-conversation-guide.md) | Scripts, objection handling, and psychological framing | Executives, Advisors |
| [Business Case Template](playbooks/business-case-template.md) | Financial justification, ROI, and risk quantification | CFOs, Boards, Risk Committees |
| [Modular Engagements](core/modular-engagements.md) | Menu of independent modules; choose your starting point | CEOs, CFOs, Procurement |

*For the strategic philosophy, see [Core Frameworks](#core-frameworks) below.*

## For Practitioners and Consultants

Operational and persuasion documents used in engagements. **Start every new client with the [NIST CSF 2.0 Baseline Assessment](assessment-templates/nist-csf-baseline.md)** (the Brownhat Diagnostic) to earn the right to recommend anything.

| Document | Purpose | Audience |
|----------|---------|----------|
| [README](README.md) | Repository overview and quick start | Everyone |
| [Engagement Model](core/engagement-model.md) | How engagements work: lifecycle, client requirements, deliverables, pricing, and consultant delivery discipline | Clients, New Consultants |
| [Consultant Field Guide](core/consultant-field-guide.md) | Internal playbook: decision models, client qualification, module selection, common mistakes, technical onboarding, proposal writing | New Consultants |
| [NIST CSF 2.0 Baseline Assessment](assessment-templates/nist-csf-baseline.md) | The Brownhat Diagnostic: entry workshop for every new engagement | Consultants, CISOs, IT Managers |
| [AI Operations Inevitability](core/ai-operations-inevitability.md) | Defensive AI is inevitable; business AI is optional | CISOs, CTOs, Consultants |
| [Azure OpenAI Sovereignty Bridge](core/azure-openai-sovereignty-bridge.md) | Azure OpenAI/Foundry as pragmatic sovereignty step | CTOs, Architects, Consultants |
| [Organizational Resilience](core/organizational-resilience.md) | Shift left and Dev/Sec/Ops merger talking points | CTOs, CISOs, Consultants |
| [Embedded Quality Assurance](core/quality-management-engagement.md) | Process assurance for teams feeling "not in control" | Heads of Security, Operations, Project Leaders |
| [Blue/Purple Team Foundation](core/blue-purple-team-foundation.md) | Building defensive capability from existing tool investments | CISOs, SOC Managers, Security Architects |
| [Retained Capability](core/retained-capability.md) | What to keep in-house when outsourcing SOC, pentest, compliance | CISOs, CFOs, Procurement |

*For the engagement posture and philosophy, see [Core Frameworks](#core-frameworks) below.*

## Core Frameworks

| Document | Purpose | Audience |
|----------|---------|----------|
| [Move Fast and Fix Things](core/move-fast-and-fix-things.md) | Speed, repair, and maximizing existing investment | Consultants, Executives |
| [Antifragile Manifest](core/antifragile-manifest.md) | Five pillars of antifragile enterprise | Executives, Architects, Consultants |
| [AI Sovereignty Framework](core/ai-sovereignty-framework.md) | Strategic arguments and implementation for local AI | CISOs, CTOs, Security Architects |
| [T0 Asset Framework](core/t0-asset-framework.md) | Tier 0 classification and protection for critical assets | Security Architects, Infrastructure Leads |
| [Spontaneous Order Principles](core/spontaneous-order-principles.md) | Philosophical foundation for the five pillars | Executives, Architects, Strategists |

## Playbooks

| Document | Purpose | Audience |
|----------|---------|----------|
| [Rapid Modernisation Plan](playbooks/rapid-modernisation-plan.md) | 30-60-90-180 day transformation roadmap | Program Managers, Consultants, CISOs |
| [Endpoint Management Entry Vector](playbooks/endpoint-management-entry-vector.md) | Intune/device management as the ideal engagement entry point | M365 Consultants, Account Managers |
| [AI-Assisted TVM Blueprint](playbooks/ai-assisted-tvm.md) | AI-powered vulnerability management for AI-powered adversaries | CTOs, CISOs, Vulnerability Management |
| [Zero-Budget Vulnerability Discovery](playbooks/zero-budget-vulnerability-discovery.md) | Script-based and osquery-based server/container vuln discovery without Tenable/Qualys | Security Engineers, Consultants |
| [Perimeter Scanning Capability](playbooks/perimeter-scanning-capability.md) | External attack surface strategy: build, partner, or hybrid | Security Architects, Consultants |
| [Osquery: The Sovereign Discovery Platform](playbooks/osquery-custom-platform.md) | Build a custom vulnerability and asset inventory platform on osquery | Security Engineers, Consultants, CTOs |
| [M365 Antifragile Project](playbooks/m365-antifragile-project.md) | Greenfield and modernisation with antifragile design | M365 Consultants, Project Managers |
| [M365 E3 Hardening](playbooks/m365-e3-hardening.md) | Tactical hardening for M365 E3 environments | M365 Consultants, Security Engineers |
| [AD and Endpoint Hardening](playbooks/ad-endpoint-hardening.md) | On-prem AD, Windows endpoints, hybrid identity | Infrastructure Consultants, Security Engineers |
| [Zero-Budget Hardening](playbooks/zero-budget-hardening.md) | Maximize existing tools, minimize new purchases | Consultants, CISOs, IT Managers |
| [Implementation Playbook](playbooks/implementation-playbook.md) | Tactical step-by-step delivery guide | Technical Leads, Security Engineers |
| [Sample Engagement: Mid-Market Hybrid](playbooks/sample-engagement-mid-market.md) | Complete worked example: 500 employees, AD+M365 E3, NIS2 scope — findings, kill chain, module sequence, Day 30/90/180 deliverables, populated backlog | Consultants, New Hires |
| [CQRE Product Suite](playbooks/cqre-product-suite.md) | ASTRAL, PULSAR, and AURORA: product details, framework alignment, deployment, and positioning | Consultants, Account Managers |
| [Sovereign Tool Stack](playbooks/sovereign-tool-stack.md) | Full arsenal: Prowler, BloodHound, CISO Assistant, ASTRAL, PULSAR, AURORA, Wazuh, Shuffle | Consultants, CTOs, CISOs |
| [Privileged Access Architecture](playbooks/privileged-access-architecture.md) | PAM design: Teleport, Tailscale/Headscale, JIT access, vendor access governance | Security Architects, Infrastructure Consultants, OT Leads |
| [Sovereign Communications](playbooks/sovereign-communications.md) | Delta Chat chatmail relay, Matrix/Element, crisis out-of-band channels | CISOs, Operations Leads, Incident Response |
| [Business Case Template](playbooks/business-case-template.md) | Financial justification, ROI, risk quantification | CFOs, Boards, Consultants |

## Standards Reference

| Document | Purpose | Audience |
|----------|---------|----------|
| [CIS Controls v8 Mapping](reference/cis-controls-mapping.md) | IG1-IG3 alignment with antifragile actions | Consultants, Auditors, Compliance |
| [NIST CSF 2.0 Mapping](reference/nist-csf-mapping.md) | CSF function mapping and evidence package | Consultants, Auditors, Compliance |

## Vertical References

| Document | Purpose | Audience |
|----------|---------|----------|
| [Vertical: Power and Utilities](reference/vertical-power-utilities.md) | Power generation, transmission, water, OT, NIS2/CER | Consultants in energy/water sectors |
| [Vertical: Telco](reference/vertical-telco.md) | Mobile/fixed operators, signaling security, 5G, fraud | Consultants in telecommunications |
| [Vertical: Banking](reference/vertical-banking.md) | Financial services, DORA, PSD2, SWIFT CSP alignment | Consultants in banking/fintech sectors |

## Assessment and Tools

| Document | Purpose | Audience |
|----------|---------|----------|
| [Findings Backlog](assessment-templates/findings-backlog.md) | Single source of truth for all findings across every engagement; input queue for the housekeeping stream; pragmatic alternative to a formal risk register | Consultants, IT Leads, Client Teams |
| [NIST CSF 2.0 Baseline Assessment](assessment-templates/nist-csf-baseline.md) | The Brownhat Diagnostic: structured 2-half-day workshop, gap analysis, prioritised module roadmap | Consultants, CISOs, IT Managers |
| [NIST CSF 2.0 — Czech version](assessment-templates/nist-csf-baseline-cs.md) | Brownhat Diagnostic: questionnaires and workshop guide in Czech | Consultants running Czech-language workshops |
| [Module Completion Report](assessment-templates/module-completion-report.md) | Template for the deliverable package at the end of every module | Consultants |
| [Risk Register Example](assessment-templates/risk-register-example.md) | 8 fully populated risk entries from a realistic engagement — calibration reference for consultants | Consultants |
| [Antifragile Risk Register](assessment-templates/antifragile-risk-register.md) | Kill chain-aware risk taxonomy and register template | Risk Managers, Consultants |
| [M365 Project Risk Register](assessment-templates/m365-project-risk-register.md) | M365-specific risk register with phase gates | Project Managers, M365 Consultants |
| [Assessment Templates](assessment-templates/README.md) | Future diagnostic tools and maturity models | Consultants, Auditors |

## Navigation by Role

### For the Executive Sponsor

1. [Move Fast and Fix Things](core/move-fast-and-fix-things.md) — understand the engagement posture and speed philosophy
2. [Spontaneous Order Principles](core/spontaneous-order-principles.md) — understand why antifragile design works at a systems level
3. [Antifragile Manifest](core/antifragile-manifest.md) — understand the strategic philosophy
4. [AI Sovereignty Framework](core/ai-sovereignty-framework.md) — read the executive summary and five strategic arguments
5. [Rapid Modernisation Plan](playbooks/rapid-modernisation-plan.md) — review phases and governance cadence
6. [Zero-Budget Hardening](playbooks/zero-budget-hardening.md) — understand how existing investments are maximized

### For the Security Architect

1. [T0 Asset Framework](core/t0-asset-framework.md) — master the classification and protection model
2. [Implementation Playbook](playbooks/implementation-playbook.md) — follow the workstreams for identity, perimeter, and resilience
3. [Spontaneous Order Principles](core/spontaneous-order-principles.md) — architectural philosophy for why decentralized resilience outperforms centralized control
4. [Rapid Modernisation Plan](playbooks/rapid-modernisation-plan.md) — adapt phases to organizational context

### For the Consultant

**Start here (read in order before your first engagement):**

1. [README](README.md) — repository orientation
2. [Move Fast and Fix Things](core/move-fast-and-fix-things.md) — the Brownhat methodology and engagement posture
3. [Engagement Model](core/engagement-model.md) — lifecycle, scoping, pricing, delivery discipline, and how to handle difficult situations
4. [Consultant Field Guide](core/consultant-field-guide.md) — decision models, client qualification, module selection, the ten common mistakes, technical onboarding, and proposal writing
5. [Antifragile Manifest](core/antifragile-manifest.md) — the five pillars and their client-facing translation
6. [Spontaneous Order Principles](core/spontaneous-order-principles.md) — the philosophical foundation for why antifragile design works
7. [C-Suite Conversation Guide](core/c-suite-conversation-guide.md) — scripts, objection handling, and psychological framing for every executive archetype

**Then study the module delivery toolkit:**

8. [NIST CSF 2.0 Baseline Assessment](assessment-templates/nist-csf-baseline.md) — run this first with every new client (the Brownhat Diagnostic)
9. [Modular Engagements](core/modular-engagements.md) — the full module menu (Modules 1–14) and platform adaptation guide
10. [CQRE Product Suite](playbooks/cqre-product-suite.md) — ASTRAL, PULSAR, and AURORA: what they do, how they fit the framework, and how to deploy them
11. [Sovereign Tool Stack](playbooks/sovereign-tool-stack.md) — the full arsenal: CQRE tools, open-source stack, commercial partnerships, and when to use each
12. [M365 E3 Hardening](playbooks/m365-e3-hardening.md) — primary client environment for MS clients (most are E3)
13. [AD and Endpoint Hardening](playbooks/ad-endpoint-hardening.md) — on-premises identity and endpoint depth
14. [Privileged Access Architecture](playbooks/privileged-access-architecture.md) — Module 13: Teleport, Tailscale/Headscale, JIT access, vendor remote access governance
15. [Sovereign Communications](playbooks/sovereign-communications.md) — Module 14: Delta Chat chatmail relay, Matrix/Element, crisis out-of-band channels

**Reference when needed:**

16. [AI Sovereignty Framework](core/ai-sovereignty-framework.md) — persuasive arguments and objection handling
17. [AI Operations Inevitability](core/ai-operations-inevitability.md) — why defensive AI is not optional
18. [Organizational Resilience](core/organizational-resilience.md) — shift left and Dev/Sec/Ops merger talking points
19. [Retained Capability](core/retained-capability.md) — what to keep in-house when outsourcing SOC, pentest, compliance
20. [Zero-Budget Hardening](playbooks/zero-budget-hardening.md) — extract value from existing tools in 30 days
21. [Zero-Budget Vulnerability Discovery](playbooks/zero-budget-vulnerability-discovery.md) — script-based and osquery-based discovery before scanner procurement
22. [Osquery: The Sovereign Discovery Platform](playbooks/osquery-custom-platform.md) — build owned vulnerability and asset inventory capability
23. [Rapid Modernisation Plan](playbooks/rapid-modernisation-plan.md) — structured engagement roadmap
24. [Implementation Playbook](playbooks/implementation-playbook.md) — tactical delivery guidance
25. [Vertical: Power and Utilities](reference/vertical-power-utilities.md), [Vertical: Telco](reference/vertical-telco.md), or [Vertical: Banking](reference/vertical-banking.md) — sector-specific adaptations
26. [CIS Controls Mapping](reference/cis-controls-mapping.md) and [NIST CSF Mapping](reference/nist-csf-mapping.md) — standards alignment for auditors and regulators

---

*This index is updated as the repository grows.*