Press TechRound interviews Secure.com CEO on the future of AI security
Read

How to Set Rules of Engagement for a Red Team

Learn how to write red team rules of engagement that protect your business, define scope clearly, and still let teams test like a real attacker.

Key Takeaways

  • A rules of engagement document is what turns a red team test from a legal risk into an approved, protected exercise.
  • Every RoE needs five things at minimum: objectives, scope, authorized actions, communication protocols, and legal sign-off.
  • Autonomous red teaming still needs an RoE. The document just has to account for machine speed and constant testing instead of a two-week window.
  • Mapping your test to MITRE ATT&CK gives you a shared language between the red team and the people defending the network.
  • Your blue team’s readiness matters as much as your red team’s plan. A test only pays off if someone is watching for it.

A red team at a financial company once used a public LinkedIn post to figure out which software version an employee’s laptop was running. That one post led to a foothold on the internal network. No firewall stopped it. No rule was broken. The team was simply doing what real attackers do, and the rules of engagement they signed beforehand made sure that was expected, not an accident.

That is the whole point of rules of engagement. Without one, a red team test is just unauthorized hacking with better intentions.

What a Red Team Rules of Engagement Document Actually Does

A rules of engagement document, usually shortened to RoE, spells out what a red team is allowed to do, where they can do it, and who signs off on the whole thing. Think of it as the contract that keeps a simulated attack from turning into a real incident.

Without one, things go wrong fast. A test with no clear scope can end up hitting production servers the client never meant to include. A test with no communication plan can leave the security team responding to what they think is a real breach, wasting hours chasing a threat that was never real in the first place.

Red teaming is not the same as a regular penetration test, and that difference matters for how you write the RoE. A pentest usually tries to find and confirm as many vulnerabilities as it can across a wide surface. Red teaming picks one goal, like reaching a specific data set or admin account, and tests whether your people and tools would catch a determined attacker trying to get there through adversary emulation and real-world tactics, techniques, and procedures.

How to Build Red Team Rules of Engagement Step by Step

You don’t need a 40-page legal document to run a solid engagement. You do need to cover these parts, in this order.

RULES OF ENGAGEMENT

Five things every RoE needs, in order

Skip one of these and it stops being a red team exercise — it’s just hoping nothing breaks.

1

Objective

One sentence on what you’re actually testing — detection, access, or resilience.

2

Scope

Exact IPs, domains, and apps in bounds — and what’s explicitly off limits.

3

Authorized Actions

What the team can touch, create, or disrupt — and what needs its own sign-off.

4

Communication

A trusted agent, a check-in schedule, and a kill switch if things spiral.

5

Legal Sign-off

Signed by someone with real authority over the systems being tested.

A tight two-page RoE that covers all five beats a 30-page document full of filler.

Set the Objective First

Before anything else, decide what you’re actually testing. Are you checking if your SOC can detect lateral movement? Testing whether a phishing email can reach finance? Trying to see how far someone could get after stealing a laptop?

Write the objective as one sentence. If you can’t do that, the scope conversation that follows will be a mess.

Define the Scope Boundaries

This is where most disputes happen later, so get specific.

  • List exact IP ranges, domains, and applications that are in scope.
  • Call out anything that looks close but is off limits, like a shared vendor environment or a production database with real customer data.
  • Decide if physical access attempts (badge cloning, tailgating into an office) are part of this round or saved for later.
  • Set a start and end date. Red team work that drags on for weeks stops being a focused test and starts looking like an open-ended pentest.

Spell Out What’s Authorized and What’s Not

Vague language here causes real damage. Say plainly what the team can and cannot do:

  • Can they view or modify files, including personal data or emails, if it helps prove access?
  • Are they allowed to create new accounts, or only modify existing ones without deleting them?
  • Is any form of denial of service testing allowed, even briefly?
  • Which tools are approved, and which are explicitly banned?

A good rule of thumb: if an action could cause downtime or destroy data, it needs its own line item and its own approval, not a blanket yes.

Build a Communication and Deconfliction Plan

Someone on the client side, often called a trusted agent or white team lead, needs to know the test is happening even if the rest of the SOC does not. This person is your safety valve.

  • Set a check-in schedule, whether that’s daily or only at major milestones.
  • Agree on a kill switch phrase or process to pause the test immediately if something looks like it’s spiraling.
  • Decide how the red team reports a real vulnerability they weren’t expecting to find, like an unrelated open S3 bucket sitting outside the agreed scope.

This part protects everyone. The RoE should be signed by someone who actually has authority over the systems being tested, not just a manager who wants the test to happen. Keep a copy on file. If a question ever comes up about whether an action was authorized, this document is the answer.

Plan the Cleanup

Testing doesn’t end when the report is written. The team needs to remove any accounts they created, delete test malware and command and control tools, and revoke any access they were given. Leftover backdoors from a red team test are just as dangerous as ones left by a real attacker.

What Changes When You Add Autonomous Red Teaming and MITRE ATT&CK

Traditional red teaming runs on a calendar. A human team plans an engagement, tests for two or three weeks, then writes a report. Autonomous red teaming doesn’t wait for a quarterly window. AI-driven agents can run continuously, adjusting tactics in real time based on what the environment throws back at them.

That changes what your RoE needs to cover. A few things to add:

When red teaming never stops

Autonomous agents test continuously instead of within a two-week window — so the RoE has to work at machine speed too.

AUTONOMOUS RED TEAMING

Approval Thresholds

Destructive or ambiguous actions stay human-in-the-loop. Low-risk, read-only actions run on their own.

Always-On Scope Enforcement

No human rechecks scope hourly, so the system validates every action against the boundary itself. Anything outside gets logged, not probed.

Continuous Review Cadence

A running review schedule replaces the single end-of-engagement report.

MITRE ATT&CK Shared vocabulary: mapping findings to named techniques makes “persistence via registry run key” mean something specific — not just “they got in and stayed in.”
  • Approval thresholds. Decide which actions the autonomous system can take on its own and which ones need a human to click approve first. Most mature setups keep destructive or ambiguous actions in a human-in-the-loop model, while low-risk, read-only actions run automatically.
  • Always-on scope enforcement. Since there’s no human rechecking scope every hour, the system itself has to validate every action against the approved boundary before it fires. Anything discovered outside that boundary should get logged, not probed.
  • Review cadence. Continuous testing needs a continuous review schedule too, not just a single report at the end.

This is also where MITRE ATT&CK earns its place in the conversation. ATT&CK is a public library of real tactics, techniques, and procedures used by known threat actors. Anchoring your red team plan to specific ATT&CK techniques does two things. It makes the test realistic instead of random, and it gives your defenders a shared vocabulary to talk about what happened. A finding that says “the team achieved persistence through a registry run key” means something specific and repeatable, in a way that “they got in and stayed in” does not.

Secure.com — Infrastructure Security Teammate

Get your infrastructure ready before the red team finds the gaps for you

A short posture review a week before kickoff often surfaces the exact issues a red team would otherwise report — this time with a fix already in motion instead of a finding on a page.

Continuous asset discovery

Across AWS, Azure, GCP, SaaS, and on-premises — no quarterly spreadsheet needed.

Benchmarked configurations

Checked against CIS Benchmarks, NCP, DISA STIG, and vendor standards.

Real-time drift detection

Triggers automated or approval-based remediation the moment configs drift.

Attack Path blast-radius view

See what a misconfigured role or exposed asset actually leads to — not just the single finding.

Meet the Infrastructure Security Teammate Proactive posture hardening, before testing begins.

FAQs

How long should a red team rules of engagement document be?
There’s no fixed page count. What matters is that it covers objectives, scope, authorized actions, communication plans, and sign-off. A tight two-page RoE that covers all five beats a 30-page document full of filler.
Who should approve the rules of engagement before testing starts?
Someone with real authority over the systems in scope, usually a senior security leader or CISO, plus a legal review if sensitive data or regulated systems are involved. The approver should also have the power to pause or stop the test.
Can rules of engagement change once a red team test has started?
Yes, but only with agreement from everyone involved. If the team wants to expand into physical access attempts or a new part of the network that wasn’t in the original scope, that change needs to be documented and approved before anyone acts on it.
Do autonomous red team tools still need a signed rules of engagement?
Yes, arguably more than a human-led test does. Since the system can act continuously without someone reviewing every step, the RoE needs to define approval thresholds and scope enforcement rules the tool itself follows, not just guidelines for a person to remember.

Conclusion

A rules of engagement document is not paperwork you rush through to get to the fun part. It’s what makes the fun part possible in the first place. Get the objective, scope, authorized actions, communication plan, and sign-off right, and your red team can test like a real adversary without putting the business at risk. Skip any one of those, and you’re not running a red team exercise. You’re just hoping nothing breaks.