Scenario Card Collection
This appendix contains ready-to-use scenario cards that provide specific organizational contexts and incident setups for each malmon. Each card includes stakeholders, timeline pressures, and discovery hooks tailored to different industries and organizational types.
How Scenario Cards Work
Scenario cards transform generic malmon encounters into specific, relatable incidents by providing:
- Organizational Context: Realistic workplace settings with industry-specific details
- Key Stakeholders: Named NPCs with clear motivations and concerns
- Timeline Pressure: Realistic deadlines that drive decision-making urgency
- Discovery Hooks: Multiple starting points for player investigation
- Success Metrics: Clear objectives for incident resolution
Browsing Scenarios
Use the sidebar navigation to explore scenario cards organized by malmon type. Each malmon folder contains multiple industry-specific scenarios ready for your sessions.
Selection Guidelines
By Experience Level:
- Beginner Groups: Gaboon Grabber, Raspberry Robin, FakeBat scenarios
- Intermediate Groups: WannaCry, LockBit, Code Red, Poison Ivy, Wire Lurker scenarios
- Advanced Groups: Stuxnet, Ghost Rat, Noodle Rat, Litter Drifter scenarios
By Session Length:
- 2-hour sessions: Single-organization scenarios with clear timelines
- 4-hour sessions: Multi-stakeholder scenarios with complex interdependencies
- Campaign play: Mix scenarios to show malmon evolution and organizational learning
By Learning Objectives:
- Technical Skills: Stuxnet, Code Red scenarios emphasize technical analysis
- Social Engineering: Gaboon Grabber, FakeBat scenarios focus on human factors
- Incident Coordination: WannaCry, Ghost Rat scenarios teach team leadership
- Long-term Investigations: Poison Ivy, Noodle Rat scenarios develop patience and methodology