Advent of Cyber 2024: Day 9: Nine o’clock, make GRC fun, tell no one.

McSkidy and Glitch want to hire an eDiscovery company to process some forensic data for their investigation. They have invited bids from third parties for this purpose. Three companies have bid for the project. McSkidy and Glitch now need to do a risk assessment on all three of these companies to identify the one with the least amount of risk so that they can move forward. All three companies were required to fill out a questionnaire based on which a risk assessment will be done.

Questions:

#1. What does GRC stand for?
Answer: Governance, Risk, and Compliance

#2. What is the flag you receive after performing the risk assessment?
Answer: THM{R15K_M4N4G3D}

For this answer the below images depicts how to get the flag:

Steel Manticore

Brass Bear

Ruby Wyrm

Thank you!