<< All Posts

Backdoors and Breaches Expansion Deck

May 10, 2021

TL;DR: Looking for a new and interactive way to prepare your security team? Black Hills Information Security created an Incident Response Card Game called Backdoors & Breaches to break down attack methods, tactics and tools.

You have heard us say this many times, security is about people, process, and technology. SCYTHE allows you to test, measure, and improve all three. One way that we facilitate training people about what an attack looks like is to display the adversary emulation plan, step by step, prior to execution. We encourage having a table-top discussion about each adversary behavior to get an idea of what expectations everyone has for each attack step and learn more about how the attack works. Then you execute the adversary emulation plan in a real environment and see it in action. This is a great, practical way to train. However, this is not the only way and we want to share a fantastic table-top game that can help foster collaboration as well as train your team: Backdoors & Breaches.

What is Backdoors & Breaches?

Backdoors & Breaches (B&B) is an Incident Response Card Game, from our partners at Black Hills Information Security. Backdoors & Breaches contains 52 unique cards (and now an expansion pack) to help you conduct incident response table-top exercises and learn attack tactics, tools, and methods. You can play B&B with a physical card deck or online. Here is a video on how to play

The original deck comes with 52 unique cards:

  • (10) Initial Compromise
  • (7) Pivot and Escalate
  • (9) Persistence
  • (6) C2 and Exfil
  • (10) Procedures
  • (10) Injects

It takes four cards to build an incident, one from each attack category (Initial Compromise, Pivot and Escalate, Persistence, and C2 and Exfil) and you can have as many as 3,840 Incident Scenarios! It is such a fun and educational table-top game that we highly recommend you play it with your team.

Expansion Deck

The first expansion deck was released on May 6, 2021 and includes our very own CTO, Jorge Orchilles, as one of the 8 consultants that can be drawn. To use Jorge Orchilles in your incident response, the incident master must reveal the C2 and Exfil Card. We think this fits our CTO quite well, given his work as a co-creator of the C2 Matrix with Bryson Bort and Adam Mashinchi. 


Jorge Orchilles playing card lists his specialties as well as his favorite infosec quote.

“Offense informs defense and defense informs offense.”


Attack, Detect, and Respond

Backdoor & Breaches is a great table-top game to learn how attacks work and go through a high-level incident response. It allows a fun way to foster collaboration between your teams. As Jorge’s favorite quote implies, we have to work together to be better. This is why at SCYTHE we push collaboration via Purple Team exercises. As the industry leading Purple Team platform, we provide a way to easily test, measure, and improve your people, process, and technology with our Attack, Detect, and Response methodology. Check out our paper here.


STAY UP TO DATE WITH OUR CONTENT!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form

More Unicorn Content

See All Posts

let our tech speak for itself

Know where you stand with SCYTHE. Talk to us to start the evaluation process today! We’d love to talk to you about how SCYTHE can fit into your cybersecurity workflow.

EVALUATE

LEARN MORE