What Are Pre-Sales Cybersecurity Scans?

Pre-sales cybersecurity scans are limited-scope assessments designed to evaluate a prospect's vulnerabilities, sensitive data exposure, and compliance status. These scans:

• Require minimal setup.
• Focus on key systems or areas of interest.
• Provide actionable insights without committing to a full deployment.

How to Use CYRISMA for Pre-Sales Scans

1. Set Up the Instance

• Instance Type: When creating a new instance for the prospect, select the Consulting instance type. This allows up to 30 days of free access for testing and evaluation purposes.
• Instance Naming: Use a descriptive name (e.g., “ClientName-PreSales”) to easily identify the instance.

2. Identify the Scope

Work with the prospect to determine the scope of the scan. Focus on:

• High-value targets: Executive workstations, servers, or key endpoints.
• Critical systems: Devices critical to operations or containing sensitive data.
• External-facing assets: Public IP addresses or web applications.

3. Deploy CYRISMA Agents

Agent Deployment Options

• Manual Deployment: Download the agent from the CYRISMA portal and install it on a single machine or a few targeted devices.
• RMM Deployment: Use CYRISMA’s PowerShell script to deploy agents in bulk via the prospect's remote monitoring and management (RMM) tool.

4. Run Pre-Sales Scans

Internal Vulnerability Scans

• Authenticated Scans: Use domain administrator credentials to perform a deeper analysis of systems and uncover detailed vulnerabilities.
• Unauthenticated Scans: Assess IoT devices, printers, routers, and other non-authenticated systems for high-level risks.

External Vulnerability Scans

• External IP Scans: Evaluate public-facing IP addresses for vulnerabilities and open ports.
• Web Application Scans: Test web applications for potential attack vectors such as cross-site scripting and SQL injection.

Sensitive Data Scans

• Scan targeted areas for sensitive data such as credit card numbers, Social Security numbers, or other personally identifiable information (PII). Focus on key systems or email accounts for quick, impactful results.

5. Analyze and Share Results

Analyze Findings

• Review scan results for:
  • High-risk vulnerabilities.
  • Sensitive data exposure.
  • Compliance gaps.
• Highlight critical findings that align with the prospect’s industry or regulatory requirements.

Generate Reports

• Use CYRISMA’s reporting tools to create a concise, professional summary of findings.
• Reports to consider:
  • Cyber Risk Assessment Report: Provides an executive summary of vulnerabilities and risk exposure.
  • Vulnerability Scan Report: Offers detailed insights into identified risks.

6. Present the Results

• Schedule a follow-up meeting to present the findings.
• Focus on actionable insights, such as:
  • Remediation steps for critical vulnerabilities.
  • Recommendations for compliance improvements.
  • Opportunities to enhance their security posture using CYRISMA.

Best Practices for Pre-Sales Scans

Start Small
Conduct scans on a limited number of systems to provide impactful results without overwhelming the prospect.

Communicate Clearly
Explain the purpose of the scan and how the results will benefit the prospect.

Focus on Value
Highlight how CYRISMA can address the identified risks and improve security.

Simplify Deployment
Offer guidance or direct assistance to ensure smooth agent deployment and scan execution.

Follow Up Quickly
Present findings soon after the scans to maintain engagement and momentum.

Conclusion

Using CYRISMA for pre-sales cybersecurity scans is a strategic way to demonstrate the platform's capabilities while providing prospects with valuable insights. By following this structured approach, you can build trust, initiate meaningful conversations, and pave the way for long-term partnerships.