Acronyms
CSPM
Cloud Security Posture Management
What is the name for Azure's competitive product?
CRC Essentials includes AppSec
False
How does ICS help with Cloud Security?
Help comply with cloud configurations best practices and identify misconfigurations in real time throughout development into the cloud
How many tiers of Exposure Command are there? and what are their names?
Suface Command
Exposure Command
Exposure Command Advanced
CWPP
Cloud Workload Protection Platform
Who did Wiz recently acquire?
Lacework
CNAPP combines CASB and CSPM
FALSE- CNAPP combines CWPP and CSPM capabilities
What is a misconfiguration?
Unintentionally setting up a piece of IT Infrastructure in such a way that security is compromised
Does Exposure Command include SOAR?
YES
EASM
External Attack Surface Management
What is Tenable's comparable offering to CRC/ Exposure Command?
Tenable 1
InsightCloudSec has capabilities to help with CWPP
TRUE- InsightCloudsec/ CRC can help with CWPP (Cloud Workload Protection Platform) and CSPM and in tandem, CNAPP
What is a VM?
VMs = Virtual Machine. They are a more efficient way of using servers - you can run multiple VIRTUAL servers on a single server
How is Exposure Command going to be priced?
based on the average number of assets monitored across your environment
CNAPP
Cloud Native Application Protection Platform
Where do we loose competitively with Crowdstrikes cloud security?
Crowdstrike provides agent based scanning for runtime with falcon agent (Container Runtime Security) Ex. If a container image is deployed and someone modified it at runtime, we cannot look at that
InsightVM can identify where containers are
TRUE- InsightVM scans VMs to identify WHERE containers are
What is a container?
Containers are a more efficient way of using Virtual Machines- A key difference in containers is that you don’t typically update them to remediate vulnerabilities because they are intended to be specifically defined
What are the 2 main things included in Surface Command
1. Asset Discovery (CASM)
2. External Attack Surface (EASM)
CAASM
Cyber Asset Attack Surface Management
Name 1 CAASM Competitor
Axonis
JupiterOne
Armis
InsightCloudSec can identify misconfigurations in private and public repos
FALSE- InsightCloudSec can identify misconfigurations in ONLY SOME PUBLIC repos
What is a Kubernete?
Kubernetes is software that manages docker, it is an enterprise management of container usage
Give a 30 second pitch on Exposure Command
Good Job!