Name the 3 verbs used in the industry framework of Incident Detection & Response?
Find, Retrace, Remove
What kind of data is presented on the Surface Command home screen?
Data related to Assets, Vulnerabilities, Identities
Name IVM's two biggest competitors (according to Jane Man)
Qualys & Tenable
Customers are looking to mature their VM processes through desktop and firewall scans and by configuring dashboards and reports to help prioritize vulnerabilities. What feature/functionality would they be interested in?
Agent deployment & distributed scan engines
Brittany Spears and Jamie Ridge share this state as their home state
Louisiana!
What is the difference between a log management system and a SIEM?
SIEM solutions are, by design, security-focused, while log management is primarily used for log collection and broader systems analysis.
What additional capabilities does Exposure Command Advanced offer?
Extended Cloud coverage and Infrastructure as Code Scanning
What is CrowdStrike's XDR platform name?
Falcon
Customer wants to discuss how they can utilize IVM to prioritize vulnerabilities based on measuring how "critical" and "high" or "exploitable" the identified vulnerabilities are. What features/functions should you talk about?
IVM Risk prioritization; Dashboard - risk overview cards, Remediation Progress Cards, Goals & SLAs, Remediation Project Cards
What celebrities did Corey Thomas & Christina Luconi dress up as for Halloween 2024?
Snoop Dogg & Martha Stewart
Days on average to identify and remediate investigations?
279
How does Exposure Command support accountability across teams?
By providing a unified view of compliance and aligning remediation efforts with asset ownership, ensuring clear responsibility and streamlined workflows.
What is an advantage of ICS that is a gap to Wiz?
Full cloud inventory, including coding languages
How can a customer use their dashboard to show and effectively communicate to leadership how security is reducing risk in their environment?
Security Reporting and Dashboards; Executive Overview, Top 10 Assets by Vulnerability Risk, Top Remediations, Operations Dashboard
What state was Rapid7 originally incorporated in?
Delaware
Why do we call it a "Next Gen SIEM"?
Because it is cloud based
In Surface Command, what is the primary purpose of the Query Builder tool when applied to asset management?
To create highly customized searches that pull data on specific asset attributes, vulnerabilities, and security events from across the attack surface.
Wiz (ICS competitor) is structured into 3 primary offerings. What are they?
Wiz Code, Wiz Cloud, Wiz Defend
A customer needs to understand how IVM can assess CIS Policies for compliance. How can they do this?
Compliance Management: Scan Templates: HIPAA, PCI, Reports: PCI specific reports exist currently in the tool
What baseball team has a moose as a mascot?
Seattle Mariners
A large international organization is looking at how InsightIDR can be used to monitor their Microsoft Azure cloud environment. They use the following Azure services: Office 365 for email, Azure Entra ID, SharePoint, and Defender for XDR. How can IDR be used to monitor their Azure enviro?
InsightIDR can monitor all of the services by configuring the Office 365, Microsoft Azure, and Microsoft Security event sources.
You’re a security analyst for a large company, and you’ve noticed that some assets in your network are not being monitored for vulnerabilities. You need to identify these assets and prioritize which ones need immediate action. Which feature of Surface Command would you use to identify the unmonitored assets and initiate remediation?
The assets dashboard to identify assets that are not currently being scanned for vulnerabilities and initiate a workflow for remediation.
Name 2 ways IAS wins against Invicti
Layered Authentication and automated login function, ability to replay attacks to pinpoint origin in product, stronger API attack coverage
What does a combined view into CVEs detected on container images across your cloud environments provide? (ECS, EKS, GKE, AKE, OKE, self-managed k8s)
Efficiently view, prioritize and orchestrate the response to vulnerabilities; Support for public and private registries; Overlay of other container risk signals, including KSPM (Kubernetes Security) alerts and controls; An agentless assessment method provides a lightweight means of collecting vulnerability metadata
What two celebrities have the birthday 3/19?
Bernard Beirne & Bruce Willis (: