CTD Card Game

Booz Allen Booster

The Booz Allen Booster Pack focuses on data-driven cybersecurity, which helps you respond quickly to an opponent’s attack with a variety of defense and personnel cards. This booster pack introduces never-before-seen cards, such as the Booz Allen Dark Labs, SnapAttack, Threat Hunter and SOAR! You will also discover how Purple Teams, Red Teams and Blue Teams work together to protect organizations from cyber incidents.

Released August 2023

Order Deck
Rogue Employee card

Blue Team

Blue teams are defensive security professionals responsible for maintaining internal network defenses against all cyber attacks and threats. 

Attach all Asset – Personnel you have in play to this card. Once per turn, you may discard one attached card, to draw a new card. if you play a Red Team or Purple Team card while this is in play, return 1 Defense card from your discard pile back into your deck and shuffle it. Discard this card when no more cards are attached to it.

Booz Allen Dark Labs

At Booz Allen DarkLabs, the hardest national cybersecurity problems drive their research and development agenda. Dark Labs research and prototyping unit rapidly designs, creates, and tests novel security services and solutions. 

While in play, you will generate 1 point for each Policy and Strategy type cards you have in play at the end of the round. You may only have one Booz Allen Dark Labs in play at a time. 

Cyber Risk Analyst

You work with a Booz Allen Cyber Risk Analyst, who assists you with discovering your cyber risks, understanding the needed cybersecurity policies for your organization, and developing a mitigation plan.

When played, you may search your deck for any Policy or Strategy type card and put it in your hand. Shuffle your deck once you’ve chosen a card. Discard this card when you play a Policy or Strategy card.

Data Driven Cybersecurity

Data driven cybersecurity is about figuring out how to extract, normalize, and apply data to accelerate security operations—ideally faster than adversaries. 

While in play, if your opponent has more Attack cards on the field than you have Defense cards, you may draw one card from your deck and reveal it to your opponent. If it’s not a Defense card, shuffle it back into your deck. This effect can only happen once per round.

Purple Team

Purple teaming is a collaborative approach to cybersecurity that brings together red and blue teams to test and improve an organization’s security posture. 

While in play, if you play an Attack card your opponent cannot play an Attack with the same subtype on their next turn unless you play a new Attack card. If you have either a Red Team or Blue Team card in play you may perform that card’s first effect twice when activated.

Red Team

Red Teams are a group that plays the role of an enemy or adversary to provide security feedback from that perspective. 

When you play an Attack card you can choose to discard it at the end of the round and gain the points that it would remove from your opponent instead. If you have a Blue Team or Purple Team card in play, draw one card from your deck once for this card. 

SnapAttack

SnapAttack is the world’s first Purple Team platform that removes barriers to efficient, effective, and integrated threat detection. SnapAttack helps organizations understand the art of an attack, then teaches the science of defending against it. 

Select one Attack in either discard pile. Opponent’s Attacks with the same subtype have their duration reduced by 1 round (without reducing below 1), and Attacks with no duration last 3 rounds. If you have a Purple Team in play it will prevent and counter that subtype. 

SOAR

You hire Booz Allen to integrate a Security Orchestration, Automation & Response platform designed to automate processes and free up limited human cybersecurity resources. They equip your organization to focus more resources on preventative activities that keep you ahead of attackers. 

Select one Attack card in either discard pile. When your opponent plays an Attack with the same name draw a card. Remove this card from play if you play another “SOAR” card. 

Threat Hunter

Working with Booz Allen Threat Hunters, you build a Hunt Methodology to mitigate the impact of advanced threats. Understanding how an attacker operates on a targeted network and what behavior they may exhibit can help to secure your network. 

When played remove an Attack – Code Exploit, Hack, or Personnel card from play. This card prevents Attack – Hack cards from affecting you while in play. 

Uninstallation

During regular maintenance, your opponent accidentally uninstalled an important piece of software on their systems. 

Select 1 Defense – Software card that your opponent has in play. Both this card and the target card are discarded. 

Zero Trust

You include Booz Allen’s zero-trust approach, to protect your assets. This is a strategy driven by core principles: assume a breach; never trust, always verify; and allow least-privileged access based on needs. 

When played select 1 Attack – Information Gathering or Personnel controlled by your opponent. This card removes and prevents cards with the same subtype from affecting you. Discard this card after 3 rounds or after playing another Zero Trust. 

Rogue Employee card

Rogue Employee

A disgruntled employee that works for your opponent intentionally allowed a major data breach to occur. The employee has been caught and fired.

Remove a Personnel card, excluding Attack – Personnel, that an opponent has in play. If that opponent has no Personnel in play, excluding Attack – Personnel, remove one of their Defense cards instead. That opponent loses 2 points at the end of the round. Discard this card at the end of the round.

Get Updates And Stay Connected Subscribe To Our Newsletter

Subscribe

The CIAS was established at UTSA in June of 2001 as part of UTSA’s creation of a cybersecurity program. The CIAS delivers quality research, training, K-12 education, and competition and exercise programs to advance organizational and community cybersecurity capabilities and collaboration.

Contact

Facebook Youtube Linkedin
© 2024 The Center for Infrastructure Assurance and Security. This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License

CIAS in the news

arrow