Marketing uploaded customer spreadsheet to unsanctioned AI tool — CASB high-risk alert
A medium Cybersecurity scenario on Shadow IT SaaS.
Start a graded attempt against this scenario. Your response is scored by the same deterministic rubric used across the catalog. Email and evidence content stay hidden until you start.
Launches this exact scenario. One of 5 templates in this Track + Difficulty pool.
catalog id · shadow-it-saas-marketing-ai
What this scenario practices, mapped to recognized frameworks.
Educational mapping only. Not a compliance attestation.
- Shadow-IT SaaS discovery
- Business-data-leak scoping discipline
- Data from Information Repositories · CollectionT1213 · TA0009PartialMedium confidence
Trains defensive scoping when business data is shared to an unsanctioned SaaS.
- Network Traffic AnalysisD3-NTAMappedMedium confidence
Trains traffic-visibility investigation of unsanctioned SaaS endpoints.
- Resource Access Policy AuditingD3-RAPAMappedHigh confidence
Trains the access-policy audit response to discovered shadow SaaS.
- Asset Management · IdentifyID.AM · IDMappedHigh confidence
Trains discovery and inventory of unsanctioned SaaS usage.
- IR lifecycle phaseDetection & AnalysisMappedHigh confidence
Trains scoping of business risk from a discovered shadow SaaS.
- Secure Sensitive Data2.IMappedMedium confidence
Trains the data-protection baseline for sensitive content leaving sanctioned systems.
- Asset Inventory1.AMappedHigh confidence
Trains the asset-inventory baseline that surfaces shadow SaaS.
- Inventory and Control of Software AssetsControl 2MappedHigh confidence
Trains the software-inventory control.
- Service Provider ManagementControl 15MappedHigh confidence
Trains the third-party-provider control the scenario exercises.