Full Report
This webcast was originally given live on June 5th, 2019 by John Strand and the BHIS (card) Testers. How To Play! Download and print a PDF version of “how to […] The post Webcast: Introducing Backdoors & Breaches Incident Response Card Game appeared first on Black Hills Information Security, Inc.
Analysis Summary
The article describes a card game related to incident response, not a specific piece of malware, attack tool, or detailed technique with associated MITRE ATT&CK mappings or specific TTPs.
# Tool/Technique: Backdoors & Breaches (Card Game)
## Overview
"Backdoors & Breaches" is a tabletop card game designed to simulate and convey the core components, procedures, and technology needed when working through a cybersecurity incident. It aims to educate players on incident response mechanics.
## Technical Details
- Type: Tool (Educational/Simulation Game)
- Platform: N/A (Physical card game)
- Capabilities: Simulating incident response scenarios, teaching core IR components, providing feedback on incident building procedures.
- First Seen: Webcast presented on June 5th, 2019.
## MITRE ATT&CK Mapping
*Note: Since this is an educational tool about incident response, direct offensive TTP mapping is not applicable. It relates conceptually to the **Response** tactic.*
- TA0009 - Collection (Conceptual relevance to gathering IR data)
- TA0010 - Exfiltration (Conceptual relevance to understanding data loss)
## Functionality
### Core Capabilities
- Teaches the procedures and technology required for incident handling.
- Facilitates learning through active engagement (card game mechanics).
- Provides a mechanism for quickly building a representative security incident scenario.
### Advanced Features
- Integrates with "Cubicles and Compromises" (Dungeons & Dragons synergy).
- Intended to be freely available at conventions ("cons").
## Indicators of Compromise
- File Hashes: N/A
- File Names: N/A
- Registry Keys: N/A
- Network Indicators: N/A
- Behavioral Indicators: N/A
## Associated Threat Actors
- N/A (This is an educational product, not an attacker tool)
## Detection Methods
- N/A
## Mitigation Strategies
- N/A (It is a training/engagement tool)
## Related Tools/Techniques
- Cubicles and Compromises (D&D module mentioned as associated content)