Security Operations Questions
Practice questions for the Security Operations topic of the Palo Alto Networks Certified Cybersecurity Practitioner exam. 26 questions cover this domain.
Which activity proactively searches for hidden threats rather than waiting only for alerts?
Which process coordinates containment, eradication, recovery, and lessons learned after a security incident?
No alert has fired, but analysts suspect stealthy activity and search telemetry for hidden adversary behavior. Which activity is this?
An organization needs Palo Alto Networks threat research, incident response, and security consulting expertise. Which service organization fits?
A team wants experts to proactively search for hidden threats in its environment. Which service fits?
A company needs expert monitoring, hunting, and response as an ongoing service. Which Unit 42 service category fits?
A confirmed breach requires containment, eradication, recovery, and post-incident improvement. Which process should organize the work?
A company wants to evaluate exposed assets and attack paths before adversaries exploit them. Which service fits?
A SOC needs centralized event collection and correlation to support investigations. Which platform category is the best fit?
Responders need to analyze evidence to determine the scope and nature of an incident. Which service activity fits?
A security leader wants to evaluate security operations maturity, processes, and controls. Which service fits?
Which platform category collects and analyzes security events for detection and investigation?
Which platform category automates and coordinates security workflows and response actions?
Which Cortex solution automates SOC workflows and supports incident collaboration through playbooks?
Analysts need endpoint, network, identity, cloud, and exposure data in one operational view. Which XSIAM concept fits?
A tool continuously finds unknown risks and exposed services on connected systems. Which ASM capability is this?
Which function discovers and manages exposed assets and unknown risks across connected systems?
A SOC wants to enrich alerts, open tickets, notify teams, and run response steps automatically. Which platform category fits?
A SOC wants repeatable incident-response steps to run through integrations with less manual work. Which XSOAR capability fits?
A responder adds context about adversaries, techniques, and indicators to an investigation. Which resource is being used?