business
Sales Playbook
Write sales playbooks with qualification frameworks, discovery question banks, objection handling scripts, competitive positioning, and deal stage definitions that align the sales team on methodology.
salesplaybookqualificationobjectionscompetitivemethodology
Works well with agents
Works well with skills
sales-playbook/
enterprise-saas.md
Markdown| 1 | # Sales Playbook: CloudSecure (Enterprise SaaS — Cloud Security Posture Management) |
| 2 | |
| 3 | ## Ideal Customer Profile |
| 4 | |
| 5 | ``` |
| 6 | Firmographic Fit: |
| 7 | - Company size: 500-5,000 employees, $50M-$500M revenue |
| 8 | - Industry: FinTech, HealthTech, SaaS — regulated or compliance-sensitive |
| 9 | - Tech stack: AWS or GCP, Kubernetes in production, 3+ engineering teams |
| 10 | |
| 11 | Behavioral Signals: |
| 12 | - Hiring for "Cloud Security Engineer" or "DevSecOps" roles |
| 13 | - Recently failed an audit or received SOC 2 findings |
| 14 | - Using open-source scanners (Prowler, ScoutSuite) but lacking centralized dashboards |
| 15 | - Visited pricing page twice or requested a demo |
| 16 | |
| 17 | Disqualification Criteria: |
| 18 | - Fewer than 50 cloud workloads (below $30K ACV threshold) |
| 19 | - Locked into Wiz or Palo Alto Prisma contract with 18+ months remaining |
| 20 | - No compliance driver — security is deprioritized |
| 21 | ``` |
| 22 | |
| 23 | ## Qualification Framework (MEDDIC) |
| 24 | |
| 25 | | Element | Question to Answer | Evidence Required | |
| 26 | |------------------|---------------------------------------------|------------------------------------------| |
| 27 | | Metrics | What compliance or security KPIs do they track? | "Reduce mean-time-to-remediate from 14 days to 48 hours" | |
| 28 | | Economic Buyer | Who approves $30K-$150K security tooling? | CISO or VP Engineering name confirmed | |
| 29 | | Decision Criteria| What will they evaluate on? | Coverage, time-to-value, compliance mapping | |
| 30 | | Decision Process | What steps from eval to signed contract? | POC, security review, legal, procurement | |
| 31 | | Identify Pain | What is the cost of not solving this? | "$200K audit remediation" or "2 engineers full-time on manual checks" | |
| 32 | | Champion | Who is selling internally on our behalf? | Can articulate why CloudSecure wins vs. build-your-own | |
| 33 | |
| 34 | ## Discovery Question Bank |
| 35 | |
| 36 | **Pain:** |
| 37 | - "Walk me through what happens today when a misconfigured S3 bucket is detected." |
| 38 | - "How many hours per week does your team spend on manual compliance evidence collection?" |
| 39 | - "What happened during your last audit — were there findings that surprised you?" |
| 40 | |
| 41 | **Decision Process:** |
| 42 | - "Who else needs to sign off on a security tool at this price point?" |
| 43 | - "What does your procurement timeline look like — is there a fiscal year deadline?" |
| 44 | - "Have you evaluated other CSPM tools before? What happened?" |
| 45 | |
| 46 | **Budget:** |
| 47 | - "Is there budget allocated for cloud security tooling this year, or would this need a new request?" |
| 48 | - "Where does this rank against other security priorities this quarter?" |
| 49 | |
| 50 | **Competition:** |
| 51 | - "Are you evaluating Wiz, Lacework, or Orca alongside us?" |
| 52 | - "Has your team considered building this with open-source scanners and a custom dashboard?" |
| 53 | |
| 54 | ## Objection Handling |
| 55 | |
| 56 | **"Wiz covers everything you do."** |
| 57 | Acknowledge Wiz is a strong platform. Reframe: "Teams that switch to us from Wiz typically cite two gaps — Wiz's remediation workflows require manual Jira ticket creation, and their Kubernetes runtime coverage lags behind agentless scans by 6-12 hours. Would it be useful to run a side-by-side on your staging cluster?" |
| 58 | |
| 59 | **"We can build this with Prowler + Grafana."** |
| 60 | Acknowledge the team's engineering strength. Reframe to total cost: "We see teams spend 3-4 months building a dashboard that covers 60% of compliance frameworks, then 1 FTE maintaining it ongoing. At $180K fully loaded, that is 3x our annual contract. Would it help to see a case study from a team that made the switch?" |
| 61 | |
| 62 | **"Not a priority this quarter."** |
| 63 | Acknowledge timing. Ask: "What would move this up — a failed audit, a security incident, or a board-level mandate?" Quantify cost of waiting: "Each quarter without automated remediation is roughly 400 engineer-hours on manual checks." Set a reconnect tied to their audit cycle. |
| 64 | |
| 65 | **"Your price is too high."** |
| 66 | Acknowledge pricing is a factor. Reframe to ROI: "You mentioned 2 engineers spending 20 hours/week on compliance checks — that is $190K/year. Our platform costs $85K and automates 80% of that work. Most customers see payback in 5 months." Offer a phased rollout to reduce year-one cost. |
| 67 | |
| 68 | ## Competitive Positioning |
| 69 | |
| 70 | | Dimension | CloudSecure | Wiz | Orca Security | |
| 71 | |-----------------|-------------------------|--------------------------|--------------------------| |
| 72 | | Best for | Mid-market, compliance-first | Enterprise, broad coverage | Agentless-first orgs | |
| 73 | | Pricing | $30K-$150K/yr | $100K-$500K+/yr | $50K-$200K/yr | |
| 74 | | Key strength | Automated remediation + compliance mapping | Breadth of coverage | Agentless scanning speed | |
| 75 | | Key weakness | Smaller partner ecosystem | High cost, long sales cycle | Weaker Kubernetes runtime | |
| 76 | | Landmine Q | — | "How quickly can Wiz auto-remediate a finding without manual intervention?" | "How does Orca handle runtime threats in Kubernetes pods?" | |
| 77 |