The Threat Agents card game provides each player with Counter Agent cards with 7 core ways that your system. However if you want some more ideas then check out the below counter agents table or print out the PDF.
Counter Agent | Technique | Counters |
Oracle | Documents security as part of user guides | All |
Doorman | Uses firewalls and IP lists to block unwanted traffic | All |
Skinhead | Uses a hardening guide or white paper to tell users what to do | All |
Enforcer | Software requires that you follow best practices (password strength, mandatory changes) | All |
The Multi | Requires you to prove who you are in multiple ways (MFA) | The Imitator |
Authenticator | Requires your unique ID and password to let you in. | The Imitator |
Bouncer | Lets you in if you know the magic word (such as a PIN) | The Imitator |
Certifiably Trustworthy | Uses digital signatures / certificates to decide whether to trust you | The Imitator |
Santa | Uses plain text file logging to know whether you’ve been good or bad | The Liar |
Echelon | Uses secure logging to track what you are doing | The Liar |
Vigilant | System automatically raises alerts for unexpected data and access on the network | The Liar, Black Ops |
Elitist | Access is limited depending on what group you belong to. | The Gossip, Black Ops |
Control Freak | Uses ACLs / permissions to limit what you can do. | The Gossip, Black Ops |
Micro Manager | Use principle of least privilege using fine tuned ACLs to tightly limit what you can do | The Gossip, Black Ops |
Legion | High availability system | The Glutton |
Super Sub | Failover when the primary is offline | The Glutton |
Conservative | Stingy with handouts of bit rates and connection count | The Glutton |
Enigma | Uses strong cryptography to encrypt messages/data | The Gossip |
Mysterio | Uses cryptography to encrypt messages / data but its weak or custom | The Gossip |
Obby Dobby | Data on disk, memory or network etc is obfuscated | The Gossip |
Inspector | Integrity checking of data read from a data source | The Tinkerer |
Magistrate | Server side validation of input/data | The Tinkerer |
Cotton Wool | Data is sanitised before being read to or written to network/storage | The Tinkerer |