Backdoors and Breaches Expansion Deck
    TL;DR: Looking for a new and interactive way to prepare your security team? Black Hills Information Security created an Incident Response Card Game called Backdoors & Breaches to break down attack methods, tactics and tools.

    You have heard us say this many times, security is about people, process, and technology. SCYTHE allows you to test, measure, and improve all three. One way that we facilitate training people about what an attack looks like is to display the adversary emulation plan, step by step, prior to execution. We encourage having a table-top discussion about each adversary behavior to get an idea of what expectations everyone has for each attack step and learn more about how the attack works. Then you execute the adversary emulation plan in a real environment and see it in action. This is a great, practical way to train. However, this is not the only way and we want to share a fantastic table-top game that can help foster collaboration as well as train your team: Backdoors & Breaches.

    What is Backdoors & Breaches?

    Backdoors & Breaches (B&B) is an Incident Response Card Game, from our partners at Black Hills Information Security. Backdoors & Breaches contains 52 unique cards (and now an expansion pack) to help you conduct incident response table-top exercises and learn attack tactics, tools, and methods. You can play B&B with a physical card deck or online. Here is a video on how to play

    The original deck comes with 52 unique cards:

    • (10) Initial Compromise
    • (7) Pivot and Escalate
    • (9) Persistence
    • (6) C2 and Exfil
    • (10) Procedures
    • (10) Injects

    It takes four cards to build an incident, one from each attack category (Initial Compromise, Pivot and Escalate, Persistence, and C2 and Exfil) and you can have as many as 3,840 Incident Scenarios! It is such a fun and educational table-top game that we highly recommend you play it with your team.

    Expansion Deck

    The first expansion deck was released on May 6, 2021 and includes our very own CTO, Jorge Orchilles, as one of the 8 consultants that can be drawn. To use Jorge Orchilles in your incident response, the incident master must reveal the C2 and Exfil Card. We think this fits our CTO quite well, given his work as a co-creator of the C2 Matrix with Bryson Bort and Adam Mashinchi. 

     

    Jorge Orchilles playing card lists his specialties as well as his favorite infosec quote.

    “Offense informs defense and defense informs offense.”

    Attack, Detect, and Respond

    Backdoor & Breaches is a great table-top game to learn how attacks work and go through a high-level incident response. It allows a fun way to foster collaboration between your teams. As Jorge’s favorite quote implies, we have to work together to be better. This is why at SCYTHE we push collaboration via Purple Team exercises. As the industry leading Purple Team platform, we provide a way to easily test, measure, and improve your people, process, and technology with our Attack, Detect, and Response methodology. Check out our paper here.

     

    Latest Posts

    TSA SD-02C: Critical Infrastructure Cyber Regulations
    TSA SD-02C: Critical Infrastructure Cyber Regulations
    April 22,2024
    SCYTHE: Connecting the Red and Blue Transforming Controls Validation with Smart Tagging
    SCYTHE: Connecting the Red and Blue Transforming Controls Validation with Smart Tagging
    April 17,2024
    Transforming Proactive Cybersecurity with SCYTHE's AI Assistant: Cl0ppy
    Transforming Proactive Cybersecurity with SCYTHE's AI Assistant: Cl0ppy
    March 20,2024
    Achieving Annual PenTest Compliance via Purple Teaming
    Achieving Annual PenTest Compliance via Purple Teaming
    March 18,2024
    Ransomware Defense: Adversarial Emulation for Hospitals and Healthcare
    Ransomware Defense: Adversarial Emulation for Hospitals and Healthcare
    March 11,2024

    Related Articles