Understanding the Prospecting Scenario

In a prospecting scenario, the goal is to perform targeted scans that provide a snapshot of the client’s cybersecurity vulnerabilities and compliance posture. Typically, this involves:

• Deploying a limited number of agents to key systems.
• Running scans to identify vulnerabilities or sensitive data exposure.
• Presenting actionable findings to highlight opportunities for improvement.

Steps to Deploy CYRISMA Agents in a Prospecting Scenario

1. Set Up the Instance

• Instance Type: When creating a new instance for a prospect, select the Consulting instance type. This provides 30 days of free scanning and analysis, ensuring no licensing costs during the prospecting phase.
• Naming the Instance: Use a clear and descriptive name (e.g., “ClientName-Prospect”) to differentiate it from managed instances.

2. Deploy the CYRISMA Agent

Option 1: Manual Deployment (Single Machine)

1. Navigate to the Admin section in the CYRISMA portal and download the appropriate agent for the prospect's system (Windows, Mac, or Linux).
2. Provide the prospect with the installation file and installation key.
3. Guide them to install the agent on a few key systems, such as:
   • A high-value target (e.g., C-suite executives’ workstations).
   • Servers or devices critical to their operations.

Option 2: Bulk Deployment via RMM (Remote Monitoring and Management) Tool

1. Use the PowerShell script provided in the Admin section.
2. Customize the script:
   • Add the installation key and instance-specific URL to the script.
3. Share the script with the prospect’s IT team to deploy the agent across a small group of target systems.

3. Configure Scans

Internal Authenticated Scan

• Use domain administrator credentials to enable the agent to perform a deeper scan of the internal environment.
• Focus on key systems or subnets to identify vulnerabilities, misconfigurations, and other risks.

Internal Unauthenticated Scan

• If credentials are unavailable, run an unauthenticated scan to identify IoT devices, printers, routers, and other non-authenticated systems.
• This scan provides a high-level overview of potential risks without requiring detailed access.

External Scans

• If the prospect prefers not to deploy internal agents, use CYRISMA’s external vulnerability scanning to assess their public-facing IPs or web applications.

4. Analyze Results and Generate Reports

• Review scan results to identify:
  • High-risk vulnerabilities.
  • Sensitive data exposure.
  • Misconfigurations or compliance gaps.
• Generate a Cyber Risk Assessment Report or a customized summary to present to the prospect.

5. Share Findings with the Prospect

• Schedule a follow-up meeting to present the findings.
• Focus on key takeaways, including:
  • Critical vulnerabilities and risks.
  • Potential compliance issues.
  • Actionable recommendations for remediation.

6. Clean Up After the Prospecting Phase

• Use the Mass Delete feature in the CYRISMA portal to uninstall agents from prospect devices.
• Ensure that all prospect data is securely removed from the instance to maintain confidentiality.

Best Practices for Prospecting Scenarios

Start Small
Deploy agents on a few high-impact systems to provide actionable insights without overwhelming the prospect.

Customize Scans
Tailor scans to focus on the client’s unique needs, such as regulatory compliance or specific cybersecurity threats.

Use Results as a Selling Tool
Highlight how CYRISMA can address identified risks and improve the client’s security posture.

Simplify Deployment
Offer clear instructions or direct assistance to ensure smooth agent deployment.

Follow Up Quickly
Schedule a review session soon after the scan to maintain momentum and address any prospect questions.

Conclusion

Deploying CYRISMA agents in a prospecting scenario is a powerful way to showcase the platform’s capabilities and provide value to potential clients. By following this structured approach, you can build trust, demonstrate expertise, and create opportunities for deeper engagement.