Shall We Play a Game?

Explore an approach to developing and executing effective security exercises and practice drills in this 30-minute conference talk from Security BSides San Francisco. Learn how to leverage MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework to create comprehensive security simulations. Discover the key components of a successful exercise, including story selection, tactics identification, threat modeling, table-top discussions, adversarial emulation, and scoring methods. Gain insights on establishing a robust exercise program that emphasizes repetition, momentum, and muscle memory development. Transform cyber threat intelligence into practiced action through engaging security games, enhancing incident response capabilities and organizational protection.