Tabletop Exercises
Prepare for an incident in a safe environment, learn from real incident commanders.
"Incident response tabletop exercises are essential for organizations to prepare for cybersecurity incidents effectively. They validate readiness by testing defense controls against existing measures, identify areas for improvement in incident response plans, and enhance team collaboration and situational awareness."
SANS Institue
In the end
It's all about the report.
We're big on content, short on fluff.
Executive Summary
More art than science, conveying the results of a very technical work to non-technical people is a skillset unto itself. We believe we've cracked the code on making this content accessible and understandable to the highest levels of management in an organization.
Strategic recommendations to support and enable executives in making decisions, packaged for executive delivery.
Assessment Results
Findings—categorized, prioritized, and ranked by criticality and estimated remediation effort.
Each finding receives a detailed breakdown including a description of the risk, detailing the threat it poses to the organization, where that issue was observed and how to remediate it. When applicable, screen captures and steps to reproduce the issue are documented.
Appendices
Cyber Kill Chains provide step-by-step walkthroughs, illustrating the severity and impact of various risks and how an attacker may leverage them.
Detailed summaries, processes, and results for engagement campaigns (i.e., recon, wireless, physical testing), which include images, statistics, tools, and techniques used.
In short, we provide all the steps necessary to show our work.
Ever hear the saying, Practice
makes perfect.
Tabletops exemplify the expression, "In a crisis, we rarely rise to the occasion, more likely that we fall to our level of training." Make sure your level of training is on par with your adversary. Nobody wants to be an amateur boxer facing off against a professional on their first day.
SEVN-X can help you and your team be prepared for the bad day we all hope never happens.
Our tabletops go beyond reading some powerpoint slides to a room full of your colleagues. We take preparation as serious as we do real incidents, after all, that's why we practice. We'll craft a realistic scenario for your organization, prepare with slides, prompts, timeouts, thoughtful questions, and finally, we'll make sure it's facilitated by a practitioner with real world experience. We love sharing our experiences with our customers and we're often told it's one of the best ways our clients learn during these events.
See that form over there 👉, go ahead and fill that out. We'll contact you to chat about facilitating your next tabletop. Oh, and if no one told you, make sure you ask your cyber insurance provider about any premium discounts you might be entitled to receive by conducting IR tabletops on an annual basis.
Check Availability
Read Up on the Latest Posts
Our blog contains tons of useful FAQs and caveats with various frameworks. Check it out.
PowerSchool Data Theft
22 January, 2025Matt Barnett sits down with NBC10 to talk about the theft of personal information of PowerSchool’s customers, including ...
NIST Cybersecurity Framework 2.0: Prioritizing Your Remediation
22 January, 2025Authors: Mark Keppler | Steve Foret Cybersecurity Frameworks Series, part 11 After a cybersecurity framework assessment ...
Cybersecurity Framework Assessments: Prioritizing Your Remediation
22 January, 2025Cybersecurity Frameworks Series, part 11 After a cybersecurity framework assessment performed by a third-party cybersecu...
You're still here?
If you want to check out something cool, our offensive security team does what these tabletops are designed to guard against.