Question 1 of 5
Security Visibility Check
How prepared is your organization to detect and investigate modern attacks?
Answer 5 quick questions to evaluate your security visibility — based on what incident responders actually need during a breach investigation.
5 questionsAbout 2 minutes
Instant resultsNo sign-up required
If a user session was hijacked through AiTM phishing, could your team detect the login activity?
Think about whether sign-in logs, risky user signals, and identity-related alerts are in place.
Yes
Identity sign-in logs and session data are centralized and retained
Partially
Logs exist but are fragmented or short-lived
No / Not sure
We are unsure which logs would allow investigation
Could you identify if a malicious OAuth application was granted access to your environment?
Consider whether OAuth consent events and token activity are being monitored and logged.
Yes
We monitor OAuth consent and token activity
Partially
Some audit logs exist but are not centrally collected
No / Not sure
We would not be able to determine this quickly
Could your team determine whether sensitive data was downloaded or shared externally?
Think about object access logs, SaaS activity, SharePoint, and cloud storage visibility.
Yes
Object access and SaaS activity logs are centralized
Partially
Some logs exist but correlation would be difficult
No / Not sure
We lack the required telemetry or are unsure
How far back could you investigate threat actor activity?
Consider your current retention policy across identity, cloud, and endpoint logs.
12 months or more
6 months or more
3 months or less
Not sure
If an incident occurred today, is your team confident you have the right logs and they are easily searchable?
Think about whether your logs are centralized, queryable, and retained long enough to support a full investigation.
Yes
All relevant logs are in place, centralized, and searchable
Partially
Logs are fragmented and likely missing resource-level logging
No / Not sure
Logs are unavailable or we are unsure
Your Result
out of 5 points
To improve your readiness
You can explore these requirements in our Security Visibility Blueprint for Better Defense & Response — a practical framework for collecting, retaining, and using the security data that modern investigations depend on.
.png?width=2000&height=1000&name=Invictus%20Incident%20Response-01%20(5).png "Invictus Incident Response-01 (5)")
