Skip to content

Latest commit

 

History

History

cards

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 

Defensomania Card Set

Defensomania uses two types of cards: activities and scenarios. The source files are tab-delimited and include a phase, activity and source column. The scenario cards describe fictional security incidents and the activity cards describe activities used to handle these incidents. See column Source in the source files for external content attribution.

The activity cards are categorized based on the following well-known incident response phases:

  • Prepare
  • Detect
  • Respond
  • Recover
  • Lessons Learned
  • Communications

Showcase

See the list of activities and scenarios in a nicely rendered list on Github.

Cards-Preview

More activity cards means more possibilities during the game to react. Consider adding more activities and scenarios.

Additionally, see worst card set for some examples regarding building an extra pack for "Worst Response Pack". An activity for a scenario about a compromised workstation could be "log into the machine as domain administrator to search for malware" or "forward maldoc file to ticketing system where different others have access too", "communicate on twitter that you was hacked before social media department is informed". Not funny enough? Then what about building a PowerShell pack with only incident response activities using PowerShell commands called PowerShell Against Humanity? Now you're scared!

Build

Build your own Defensomania card deck using Squib and the instructions.