CLICK HERE TO DOWNLOAD THIS IMAGE & COLOR IT IN!Inside: Record-breaking turnout at TTX Thursday (thank you to our attendees!), Microsoft Teams’ phantom messages test trust inside the castle walls, and AI browser agents emerge as the cyber realm’s newest tricksters. Bonus: Ally’s new Demo Report gives Facilitators a faster, safer way to demonstrate value.
Another great exercise in the books! Our latest TTX Thursday event drew our biggest crowd yet, over 80 registrations and more than 50 active participants at the table when it all went down.
Why do we host these sessions?
Because we believe tabletops are the single most valuable way to fortify an organization’s cyber defenses. Still, few guides detail how to run them well. I.e. how to weave a compelling narrative, rally the party, and adapt when the plot takes an unexpected turn.
This month’s live scenario dropped our panel into crisis at WalCart, where a rogue third-party system, data leaks, and ransom demands tested their every move. Watching them adapt and succeed in real time reinforced one simple truth: Mastery is attained through consistent, deliberate practice.
You can watch a full replay of the session here. And if you want to see the After Action Report generated by Ally, drop us a line!
We’d love for you to join us on our next quest to protect the crown jewels. Save the date for December 4th, more details coming soon!
Your allies in IR,
Rob & Scout
Too many kingdoms waste coin on shiny armor that never sees battle. This scroll offers strategies for turning every cyber dollar into measurable defense with tactics like zero-based budgeting and the OWASP Threat and Safeguard Matrix. Facilitators, take heed: your next tabletop could spark a budget renaissance. Examine the guide
A new breed of digital squire has arrived. AI browser agents fetch, click, and make decisions for us, but prompt-injection attacks can whisper malicious commands straight into their code-bound minds. For facilitators plotting future scenarios, these agents make perfect tricksters to test vigilance. View the briefing
Every guild has its rogues. In this case, seasoned defenders allegedly crossed to the dark side, lending their skills to the ALPHV BlackCat ransomware gang. The tale serves as a grim parable on trust, and as great inspiration for the banditry in your next TTX. Read the report
Vulnerabilities in Microsoft Teams allowed digital doppelgangers to slip into conversations disguised as trusted colleagues, weaving false directives and silent edits into everyday dialogue. It’s a perfect seed for scenarios where threats wear familiar faces and lurk within the castle walls. See the dispatch
Woven into existence by Stacey!
Our brand new Demo Report, accessible from the sidebar starting next week, gives you a pre-constructed After Action Report. This feature lets you demonstrate the power and polish of Ally’s client-ready reports without touching real exercise data, alleviating privacy concerns for clients and saving precious prep time for facilitators. Use it to wow prospects, share capabilities with colleagues, and enlighten clients on what they can expect from your TTX process.
The Demo Report serves as your crystal ball when introducing Ally to a client, offering a clear glimpse of what “prepared” looks like.
We covered WalCart’s live-fire lessons, field reports on trickster AIs and doppelganger chats, and a Demo Report built to save time like Prince Charming saves the damsel in distress. With that, your kit should be fully stocked for your next campaign.
About Ally Security
Ally is here to support facilitators, which in turn creates a virtuous cycle where exercises take less time, provide more value, are run more frequently, and can make every organization can be better prepared.
The unexpected wins. The client curveballs. The chaos you couldn’t have scripted if you tried. Dear Asa is your space to share the stories that don’t make it into the official post-incident report. Script, submit, and enjoy a chance to be featured or quoted in an upcoming post.
