Tabletop Exercises
Realistic intent scenarios to test your team
Prepare for potential cybersecurity incidents
Information Security breaches continue to afflict companies of all sizes and the need to be prepared for a potential cybersecurity incident is more important than ever.
One of the most effective ways to test and maintain an Incident Response program is by using Tabletop Exercises.
Tabletop Exercises present an organization with a realistic incident scenario to which they respond. Participants describe how they would react during the incident, what tools they would use, and what procedures would be followed.
TrustedSec has years of experience running Tabletop Exercises, having worked with many organizations to help design and run the exercises in order to test Incident Response plans and policies and ensure they are working as expected. As part of the exercise, TrustedSec will:
- Design relevant scenarios for the organization
- Act as the facilitator and moderator during the scenario
- Record all actions that occur during the exercise
- Evaluate the tools, procedures, and processes used to ensure they align with industry best practices
At the end of the exercise, the organization will be able to determine where the positive areas in their Incident Response plans and policies are, which areas have room for improvement, and how they can improve moving forward.
“TrustedSec allows me to help make an impact on our clients and help those in need.”Tyler HudakPractice Lead, Incident Response
Tyler Hudak
Practice Lead, Incident ResponseTyler has over 20 years of real-world experience in incident handling, malware analysis, computer forensics, and information security for multiple organizations. He has spoken and taught at a number of security conferences about topics ranging from incident response to penetration testing techniques.
Learn more about our services from an expert.
Let our experts tailor solutions to your security challenges.
Read our blog
Explore the latest cybersecurity topics on the TrustedSec Security Blog
Prefetch: The Little Snitch That Tells on You
Incident Response and forensic analysts use the contents of prefetch files in investigations to gather information, such as the source from which an executable…
Critical Vulnerability in Progress MOVEit Transfer: Technical Analysis and Recommendations
On May 31, 2023, Progress Software released a security bulletin concerning a critical vulnerability within MOVEit Transfer, a widely used secure file transfer…
Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 3 – Network Analysis and Tooling)
Within the first two installments of this series, we identified the key to successful incident preparation starts with making sure a solid incident triage…
Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 2 – Incident Assessment and Windows Artifact Processing)
In Part 1 of this series, we identified that there are three (3) key parts to successful incident preparation: ensuring that a solid incident triage process is…
Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 1 – Process Overview and Preparation)
In this series, I will be discussing how to handle an incident with the speed and precision of a DFIR warrior. With a rapid triage mindset, you'll be able to…
On the Road to Detection Engineering
Introduction People have asked numerous times on Twitter, LinkedIn, Discord, and Slack, “Leo, how do I get into Detection Engineering?” In this blog, I will…
Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)
Threat Overview Earlier this week, Microsoft released a patch for Outlook vulnerability CVE-2023-23397, which has been actively exploited for almost an entire…
Red vs. Blue: Kerberos Ticket Times, Checksums, and You!
This blog post was co-authored with Charlie Clark of Semperis. 1 Introduction At SANS Pen Test HackFest 2022, Charlie Clark (@exploitph) and I presented our…
Getting Analysis Practice from Windows Event Log Sample Attacks
Throughout my career as an Incident Responder, one of the most invaluable skillsets I have had to draw on has been analysis of Windows event logs. These event…
BOFs for Script Kiddies
Introduction I hope I don’t sound like a complete n00b, but what or who or where is a BOF? All the cool kids are talking about it, and I just smile and nod. Is…