2020-12-28 17:00 Workshop: Dungeons Dragons and Security - Using RPG Techniques for IT Security Trainings


Start: Monday, 2020-12-28, 17:00
End: Monday, 2020-12-28, 20:00
Organized by: Klemo

tl;dr If you are into IT Security and work with people and/or games, this is THE session for you.

what is Dangeons Dragons and Security

Dungeons Dragons and Security is a fast-paced heist game. Players stage the most ridiculous, megalomaniac, devious, pythonesque-and-tarantinoesque robberies of THE item. Learning the rules takes about a minute. Escalating plots to the use of explosives takes a bit longer.

why is this a workshop and not a gaming session?

Dungeons Dragons and Security was developed by Tiphaine Romand-Latapie AKA @flutsunami as a training tool for IT Security awareness programs. It is meant to be played for about 30-50 minutes, followed by a debriefing which drives the teaching points home.

We are going to play DDnS, conduct the debriefing, and afterwards take a meta-view on the game: Is it suitable for end-users? Is it possible to depict all relevant attacks and defense strategies within the game? Does it empower users to improve their IT Security?

If so: How does it work? If not: Why doesn't it work?

Who is the audience of the workshop?

Basically, everyone can attend the workshop. People who are interested in IT Security education or the use of serious games for education outside of formal contexts might get the most out of it.

About the workshop

The workshop contributes to the research project NERD.NRW. Some anonymized data might be collected.

Player Role
Klemo Game Master
Martin Player
Erna Player
smirk Player
Leto Player
Neya Player
Hybr1s Player

Klemo has created this session.

almost 2 years ago.

Klemo has edited the session:

  • Name: Workshop: Dungeons Dragons and Security - Using RPGS Techniques for IT Security TrainingsWorkshop: Dungeons Dragons and Security - Using RPG Techniques for IT Security Trainings

almost 2 years ago.

Klemo has edited the session:

  • Description has been updated.

almost 2 years ago.

Für alle, die nachlesen wollen:

Whitepaper (pdf)

Vortrag bei Blackhat (youtube)

Folien zum vortrag (pdf)

Die Erfinderin ist als @flutsunami bei twitter zu erreichen. Wir haben sie mal für einen Vortrag angefragt und es war ein sehr angenehmer Kontakt.

Created almost 2 years ago.

Sonstiges Zeug zum nachlesen, dass Erwähnung fand:

MAERSK als Opfer von Not Petya

Honeypot 1: Frenche Election

Honeypot 2?: KGB Hack

Angreifer-Datenverkehr umleiten und Schadsoftware abschalten: Marcus Hutchins

Falls noch jemandem ein Link zu einer Resource runterfällt, die im Workshop erwähnt wurde oder erwähnt werden hätte sollen: Es wäre grandios, wenn ihr die noch droppen könntet :)

Nochmal DANKE an alle, die dabei waren.

Created almost 2 years ago.

New User? Sign up now.

Forgot your password? Reset password.