Skip to content

Backdoors & Breaches: Campaigns. These are short guides to help Incident Captains by giving them game ideas based on actual breaches.

Notifications You must be signed in to change notification settings

AntiSyphon/BandBCampaigns

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Backdoors & Breaches: Campaigns

Backdoors & Breaches was created at Black Hills Information Security to facilitate fast, educational, and fun Incident Response Tabletop Exercises for organizations all over the world. One of the things we're told often is, "We love the game, but sometimes it's hard to come up with a scenario that tells a story about the attack chain. Are there any guides that could help?"

Those questions were the birth of B&B: Campaigns.

Backdoors & Breaches: Campaigns are guides designed to educate players about noteworthy security breaches while discussing if their organization is ready to defend against an attack like the one presented. Each campaign guide enables the Incident Master to place specific cards into the attack chain that most closely represent a well-known breach. The Incident Master will be provided with Procedure Cards to use for the written procedures. The guide will also provide examples to help explain why a card that should succeed would fail. Finally, the story and background for the game is presented with references to help the Incident Capatin gain context before play and for the players to read afterward.

Each campaign is designed to make Tabletop Exercises even easier to educate, train, and prepare for repsponding to Incidents.

Got an idea for a campaign? Great! Use the template located here to create a new campaign. Once your ready make a pull request in GitHub. That's it! We'll review it and if everything looks good we will publish it here to share with others. (with credit of course!)

Let us know what you think! And if somehow you arrived here having never heard of Backdoors & Breaches you can learn all about the game here - https://www.backdoorsandbreaches.com

Core

The Call Came from Inside the Network

A scneario based on the Ubiquiti Breach. Is your team ready for an insider threat attempting to extort you that also happens to be on your Incident Response Team?

Scenario Guide

That's Disputable

A scenario based on the Equifax breach. How does you team handle critical vulnerablities on a publically facing system disclosing millions of PII records?

Scenario Guide

Supply & Demand

Solarwinds Supply Chain

ICS

Water Water Everywhere

A scenario where a Florida Water Treatment Plant has a security incident related to TeamViewer. Are you ready to detect outside access to a laptop in your enviornment that allows access to sensitive systems?

Scenario Guide

A Series of Tubes

Colonial Pipeline

You Spin Me Right Round

Stuxnet

About

Backdoors & Breaches: Campaigns. These are short guides to help Incident Captains by giving them game ideas based on actual breaches.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published