CLICK HERE TO DOWNLOAD THIS IMAGE & COLOR IT IN!Inside: A summons to reveal how frequently your party tabletops, field intel revealing new AI-based attack patterns, plus three hidden gems for shaping custom quests in Ally’s Build Tool.


Every incident response team has its own training cadence. Some parties gather consistently every quarter, while others only convene when the compliance horns sound. Every kingdom runs a bit differently, and we want to know how you run yours.
Take 30 seconds to fill out our TTX Frequency Survey and tell us how often you’re running tabletops with your organization or clients. Submit your answer by clicking the button below.

We’ll resurface this survey from time to time to see how the industry’s rhythm changes. Our hope is that tools like Ally help more Facilitators bring their parties back to the table with greater consistency, sharper insight, and stronger resolve.
Your allies in IR,
Rob & Scout


CISA has thrown open the gates once more on long-awaited CIRCIA rules related to incident disclosure timelines. Facilitators can use this to create a timed quest, testing how the party responds when the hourglass applies pressure. Read the decree
Law enforcement and security firms struck a heavy blow against the Amadey malware loader and StealC infostealer, seizing servers, domains, and a dragon’s hoard of stolen credentials. Facilitators can turn this into a supply-chain-of-crime scenario, testing how the party responds when one infected endpoint becomes a bandit’s master key. Study the takedown
Using an enterprise resource planning software to slip into the vault of the NAIC, infamous cyber bandit gang ShinyHunters claims to have seized a whopping 3.1 TB of data. Facilitators can forge this into a third-party systems quest, testing how the party tracks stolen keys and controls the narrative when brigands taunt their spoils. Open the report
Agentjacking is a new attack path where poisoned error reports can fool trusted AI coding agents into running a cyber warlock’s wicked commands on developer machines. Facilitators can turn this into a quest about AI trust, testing how the party verifies tool output and keeps AI scribes in check. Examine the scroll


Shaped by Megh!
Ally’s Build Tool gives you structure for building your scenarios, but that structure is not a cage. It’s the scaffolding that lets your imagination climb to new heights!
Nestled within the Build Tool are three hidden gems that help you give custom shape to the tale. Make tailored refinements by fusing web links, company context, and/or custom prompts into your quest.
These gems give Facilitators more control over the forge without slowing down the build. Give our Build Tool a try by signing up for a free Ally account.
.webp)


We’ve surveyed the realm’s tabletop cadence, gathered a fresh bundle of exercise fodder, and unearthed three hidden gems for shaping custom quests in Ally’s Build Tool. May all your upcoming TTXs be critical successes!
About Ally Security
Ally is here to support facilitators, which in turn creates a virtuous cycle where exercises take less time, provide more value, are run more frequently, and can make every organization can be better prepared.
The unexpected wins. The client curveballs. The chaos you couldn’t have scripted if you tried. Dear Asa is your space to share the stories that don’t make it into the official post-incident report. Script, submit, and enjoy a chance to be featured or quoted in an upcoming post.
