Counter Agents

The Threat Agents card game provides each player with Counter Agent cards with 7 core ways that your system. However if you want some more ideas then check out the below counter agents table or print out the PDF.

Counter Agents PDF document

Counter Agent Technique Counters
Oracle Documents security as part of user guides All
Doorman Uses firewalls and IP lists to block unwanted traffic All
Skinhead Uses a hardening guide or white paper to tell users what to do All
Enforcer Software requires that you follow best practices (password strength, mandatory changes) All
The Multi Requires you to prove who you are in multiple ways (MFA) The Imitator
Authenticator Requires your unique ID and password to let you in. The Imitator
Bouncer Lets you in if you know the magic word (such as a PIN) The Imitator
Certifiably Trustworthy Uses digital signatures / certificates to decide whether to trust you The Imitator
Santa Uses plain text file logging to know whether you’ve been good or bad The Liar
Echelon Uses secure logging to track what you are doing The Liar
Vigilant System automatically raises alerts for unexpected data and access on the network The Liar, Black Ops
Elitist Access is limited depending on what group you belong to. The Gossip, Black Ops
Control Freak Uses ACLs / permissions to limit what you can do. The Gossip, Black Ops
Micro Manager Use principle of least privilege using fine tuned ACLs to tightly limit what you can do The Gossip, Black Ops
Legion High availability system The Glutton
Super Sub Failover when the primary is offline The Glutton
Conservative Stingy with handouts of bit rates and connection count The Glutton
Enigma Uses strong cryptography to encrypt messages/data The Gossip
Mysterio Uses cryptography to encrypt messages / data but its weak or custom The Gossip
Obby Dobby Data on disk, memory or network etc is obfuscated The Gossip
Inspector Integrity checking of data read from a data source The Tinkerer
Magistrate Server side validation of input/data The Tinkerer
Cotton Wool Data is sanitised before being read to or written to network/storage The Tinkerer