Select a threat actor and your environment type to get a structured purple team exercise plan: which ATT&CK techniques to simulate, the tools to use, what artefacts each technique should produce, and the SIEM validation queries to confirm your detection coverage.