Quarter:
Year:
Provide a concise summary of program progress during the reporting period.
Suggested topics:
- major accomplishments
- important structural improvements
- meaningful content growth
- key gaps identified
- priority next steps
Examples:
- new foundational documents completed
- new detections added
- content standardized
- triage guides expanded
- tracking matrix improved
- coverage gaps documented
- governance updates completed
Include:
- total detections
- detections added this quarter
- detections updated this quarter
- detections by lifecycle
- detections by tactic
- detections by platform or data source if relevant
Describe:
- ATT&CK coverage growth
- tactic areas strengthened
- major gaps that remain
- gap closure work completed this quarter
Optional artifacts:
- coverage matrix
- charts
- visual summaries
Summarize progress in:
- process documentation
- governance standards
- triage guides
- templates
- tracking matrix quality
- reporting maturity
Describe the current state of:
- detections with owners
- detections with triage guides
- detections with validation notes
- lifecycle progression
- readiness for future validation or deployment maturity
Document key issues affecting program growth.
Examples:
- telemetry limitations
- incomplete mappings
- documentation backlog
- lack of validation evidence
- competing priorities
- platform constraints
Summarize:
- major active exceptions
- process deviations
- content areas operating with known limitations
- upcoming reviews or expirations if relevant
Provide status against roadmap phases.
Example structure:
- Phase 1 — Foundation: complete / in progress
- Phase 2 — Content Standardization: in progress
- Phase 3 — Validation Framework: planned
- Phase 4 — Coverage Expansion: in progress
Suggested metrics:
- total detections
- detections by lifecycle
- detections with owners
- detections with triage guides
- detections with complete metadata
- gaps identified
- gaps closed
List the most important goals for the upcoming quarter.
Examples:
- continue detection metadata normalization
- expand triage-ready content
- improve ATT&CK mapping completeness
- define validation folder structure
- strengthen CI/CD quality checks
- begin multi-platform planning
Document any support needed from leadership or stakeholders.
Examples:
- telemetry onboarding decisions
- prioritization support
- engineering time allocation
- tooling support
- validation environment needs
Optional supporting artifacts:
- coverage matrix
- tracking matrix summary
- visuals
- milestone snapshots
- documentation completion list