You win by successfully defending against every type of attacker (Script Kiddies to Nation states).
You lose if: 1) You run out of budget to to maintain your operations. 2) If your data
is ex-filtrated to tht public.
You are given a budget and access to a subset of mitigations.
Click the mitigations you want to activate.
Each activitation will reduce your budget.
Active mitigcations show there state by color: Green=ready, Yellow=compromised, Red=broken.
When you are ready, click the "RUN" button. This will start the attack.
Once the attack has begun the scenario will show a series of attack, failure, and inject cards.
Each level has a core set of defined cards as well as radomaly generated cards.
The number of cards increases with each level.
Attack Cards: If you deployed an effective mitigation these cards are benign and are ignored. Good job!
If not, you will given the chance to remediate at a cost. If you choose to ignore the expose will continue.
Failure Cards: This is an attack that just always works, even if you have the right mitigation deployed.
Real-life example: you did phishing training but somebody clicked on that email anyway.
Inject cards: These can be good, bad, or indifferent. Respond or ignore as you see fit.
No Cognito User Pool Configured
There is no user pool configured in /js/config.js. You'll configure this in Module 2 of the workshop.