Would it make sense to add tips for the Blue Team on how to defend against attacks on a particular machine as part of the writeup when it's retired?
I know it’s straightforward for certain exploits, which is to patch and keep the machine updated. However, for machines which use misconfiguration or other types of vulnerabilities or bypass mechanics to attain user or root.
This will help defenders a lot in building their knowledge to avoid such cases. Please advise if this makes sense.