How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity

---

---

Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it?

We created an incident response card game that helps you and your organization conduct engaging and effective tabletop exercises. Watch us demo the game and play through the free online version so that you can use Backdoors & Breaches in your organization, club, or association.

Get Backdoors & Breaches: https://spearphish-general-store.myshopify.com/collections/backdoors-breaches-incident-response-card-game

0:00 intro to the team and Backdoors & Breaches story

2:23 Online open-source game copy

3:15 Why we sell physical copies and info for educators

3:40 Red Card (Initial Compromise)

5:28 How the “Detections” were created

7:29 Yellow Card (Pivot and Escalate)

10:56 Brown Card (C2 and EXFIL)

11:35 Purple Card (Persistence)

12:32 Game Setup

13:12 Procedures and rolling your D20

14:34 Procedures being used

15:15 Green Cards (Consultants)

16:00 The Scenario

21:05 Actions that don’t require dice roll, “clarity vs. analysis”

27:30 First Procedure Dice roll and turn cool off counters

30:00 Debug Cautionary word from Jason

32:10 Procedure that works! (successful dice roll)

34:07 Revealing Attack Scenario cards upon successful roll

35:45 understanding the difference in established procedures and other procedures

39:56 Expansion Gray Card (Inject Card)

45:50 “at what point does an incident become a crisis?” Who on your team knows the difference?

52:57 Game Wrap up

53:40 Is this a plausible attack? Always ask that question at the end of the game

58:27 Goodbyes and Thank Yous

––– Join the BHIS Community Discord: https://discord.gg/bhis

––– Play Backdoors & Breaches Online: https://www.blackhillsinfosec.com/projects/backdoorsandbreaches/

---

---

---

---