The Threat Agents card game provides each player with Counter Agent cards with 7 core ways that your system. However if you want some more ideas then check out the below counter agents table or print out the PDF.
| Counter Agent | Technique | Counters |
| Oracle | Documents security as part of user guides | All |
| Doorman | Uses firewalls and IP lists to block unwanted traffic | All |
| Skinhead | Uses a hardening guide or white paper to tell users what to do | All |
| Enforcer | Software requires that you follow best practices (password strength, mandatory changes) | All |
| The Multi | Requires you to prove who you are in multiple ways (MFA) | The Imitator |
| Authenticator | Requires your unique ID and password to let you in. | The Imitator |
| Bouncer | Lets you in if you know the magic word (such as a PIN) | The Imitator |
| Certifiably Trustworthy | Uses digital signatures / certificates to decide whether to trust you | The Imitator |
| Santa | Uses plain text file logging to know whether you’ve been good or bad | The Liar |
| Echelon | Uses secure logging to track what you are doing | The Liar |
| Vigilant | System automatically raises alerts for unexpected data and access on the network | The Liar, Black Ops |
| Elitist | Access is limited depending on what group you belong to. | The Gossip, Black Ops |
| Control Freak | Uses ACLs / permissions to limit what you can do. | The Gossip, Black Ops |
| Micro Manager | Use principle of least privilege using fine tuned ACLs to tightly limit what you can do | The Gossip, Black Ops |
| Legion | High availability system | The Glutton |
| Super Sub | Failover when the primary is offline | The Glutton |
| Conservative | Stingy with handouts of bit rates and connection count | The Glutton |
| Enigma | Uses strong cryptography to encrypt messages/data | The Gossip |
| Mysterio | Uses cryptography to encrypt messages / data but its weak or custom | The Gossip |
| Obby Dobby | Data on disk, memory or network etc is obfuscated | The Gossip |
| Inspector | Integrity checking of data read from a data source | The Tinkerer |
| Magistrate | Server side validation of input/data | The Tinkerer |
| Cotton Wool | Data is sanitised before being read to or written to network/storage | The Tinkerer |