Shall We Play a Game?

Explore an approach to developing and executing effective security exercises and practice drills in this 30-minute conference talk from Security BSides San Francisco. Learn how to leverage MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework to create comprehensive security simulations. Discover the key components of a successful exercise, including story selection, tactics identification, threat modeling, table-top discussions, adversarial emulation, and scoring methods. Gain insights on establishing a robust exercise program that emphasizes repetition, momentum, and muscle memory development. Transform cyber threat intelligence into practiced action through engaging security games, enhancing incident response capabilities and organizational protection.

BSidesSF 2019 - Shall We Play a Game?