This website uses cookies to enhance your browsing experience. Please note that by continuing to use this site you consent to the terms of our Privacy Notice.

ACCEPT
Experienced a Breach?

NEED IMMEDIATE ASSISTANCE?

Contact Us for Pre and Post Incident Response Services

CONTACT US NOW

Click here to download as PDF

TABLETOP EXERCISE | CrowdStrike Services helps you stop the breach before it starts

ANTICIPATE. IMPROVE. PREPARE.

CrowdStrike’s experience conducting incident response against targeted threats for our clients gives us a real-world perspective on the process. Leveraging our experience, we can guide your organization–both executive and technical participants–through a targeted attack scenario in a tabletop exercise. This immersive experience simulates a targeted attack in a time-compressed fashion, but without the risk and time investment of a of a full red team test.

HOW WE DO IT:

CrowdStrike Services reviews your existing infrastructure documentation and standard operating procedures to find opportunities for improvement. We talk with the existing IT team to uncover any undocumented processes and infrastructure intricacies that might not match today’s best practices.

This effort will reveal much about pre-existing security and incident response processes within your organization. For example, you may send us information about your processes and architecture, your people and tools structure, and any penetration test reports or previous assessments your organization may have conducted.

EXAMPLES OF DATA AND DOCUMENTATION WE MAY REVIEW INCLUDE:

  • Customer requirements
  • Security operating plans
  • Team member resumes
  • Firewall rule sets
  • Network intrusion detection configuration design and installation
  • Active Directory, Open Directory or LDAP architecture and object configuration

CrowdStrike Services conducts this review to understand your organization’s defensive posture.

With this knowledge, we construct an agenda of discussions with your personnel. These discussions take one or two consecutive days. We usually interview about six to eight groups–including members of your security team–over the course of two days on site.

We will seek to understand how your people and tools contribute to your current incident detection and response capabilities, what your technical capabilities are, how those capabilities complement or conflict with others in your organization, and other human and technical factors.

THE TABLETOP EXERCISE

CrowdStrike Services presents an incident scenario in an on-site, one-day tabletop exercise with up to 25 members of your staff. The exercise involves cross-functional members of your IT security staff as well as operations executives, business leaders, public relations, legal and other support personnel.

During the exercise, your attendees discuss how they would detect, respond and react to such an occurrence. This scenario is based on an attacker that our intelligence sources determine would be relevant to your organization. During the roundtable, we will proctor the conversation, but your staff will explore the experience: they make decisions, discover gaps in their knowledge and processes, and learn more about the attackers your organization faces today.

ACTIONABLE GUIDANCE AND DELIVERABLES

CrowdStrike Services provides several deliverables during a tabletop exercise.

  • An evaluation of your organization’s strengths and weaknesses versus targeted attack. This information can help prioritize your tactical and strategic security investments.
  • Insights into how your organization would detect and respond to a variety of attacks, but without suffering the costs of an actual security breach.

WRITTEN DELIVERABLES INCLUDE:

  • A copy of the tabletop scenario deck along with “Adversary 101” material to help educate the audience
  • A detailed and prioritized list of key takeaways identified during the scenario by both your organization and the CrowdStrike team
  • As requested, a summary report with recommendations on how to improve your processes based on the findings identified during the tabletop exercise

Optionally, CrowdStrike Services can provide an on-site executive briefing by one of our senior executives where we present our recommendations.

LEARN HOW CROWDSTRIKE STOPS BREACHES:
VISIT WWW.CROWDSTRIKE.COM/SERVICES

Speak to a representative to learn more about how
CrowdStrike Services can help you prepare for and
defend against targeted attacks.


LET’S DISCUSS YOUR NEEDS
Phone: 1.888.512.8906
Email: sales@crowdstrike.com
Web: https://www.crowdstrike.com/services

Ver: 04-04-16

 

Stop Breaches With CrowdStrike Falcon request a demo