Skybox Vulnerability Control (VC)

Skybox® Vulnerability Control supports a systematic approach to vulnerability management unlike any other vendor. Our solution is rooted in simplifying vulnerability management, using context to analyze, prioritize and remediate your riskiest vulnerabilities quickly.

• Centralize and enhance vulnerability management processes from discovery to prioritization and remediation

• Harness the power of your data — from vulnerabilities and asset data, to your network topology and security controls

• Use network modeling and attack simulation to find exposed vulnerabilities

• Contextualize vulnerability data with up–to–date intelligence of the current threat landscape

• Know your best available remediation options, including patching, IPS signatures and network–based changes

New vulnerabilities are surfacing on your network daily, and the threat landscape is in a constant state of change. You need to be sure that your resources are focused on responding to the riskiest vulnerabilities before attackers find them. Vulnerability Control gives visibility to your network infrastructure and assets, adding intelligence of current threat landscape to help pinpoint exposed vulnerabilities with active exploits in the wild. Skybox puts intelligence at your fingertips: automated data collection, modeling, simulation and analysis help you make the best proactive response — in a fraction of the time of manual approaches. Risk-Based Vulnerability Management Vulnerability Control is at the heart of Skybox’s unique approach to riskbased vulnerability management.
It starts with fresh vulnerability data. Skybox uses a wide range of sources, including asset and patch management systems and network devices, to assess vulnerabilities without requiring a scan. We can also collect, centralize and merge data from multiple scanners to give you the most accurate vulnerability assessments on demand — for on–premises, multi–cloud and operational technology (OT) networks. We add context to vulnerability data via our threat intelligence feed, delivering information from the Skybox® Research Lab on vulnerability details, threat intelligence and remediation options. Data is further contextualized by correlating it to a model of your hybrid network topology, security controls and assets. With this model and our attack simulation capabilities, Skybox identifies vulnerable assets exposed to threat origins anywhere in your network. Our remediation guidance enables you to focus on these exposed vulnerabilities as well as those actively exploited in the wild. And because of our network insight, remediation options aren’t limited to just patching; Skybox informs you of IPS signatures and helps plan network–based changes that cut off vulnerable assets from attack paths. Exposure Analysis and Threat Intelligence

• Identifies exposed vulnerabilities using the network model and multi–step attack simulations

• Highlights vulnerabilities with exploits available, active exploits or packaged in distributed crimeware such as ransomware, exploit kits, etc.

• Cross references exposed and exploitable vulnerabilities to focus action on the most critical risks

• Assigns critical risk scores to exposed and exploited vulnerabilities and the assets and groups that host them

Intelligent Remediation and Fast Threat Response

• Informs you of available patches and prioritizes patches based on their effectiveness of risk reduction

• Mitigates vulnerability risk by alerting you to IPS signatures and helping to plan configuration and ACL changes

• Recommends the best remediation actions to eliminate imminent threats in hours, instead of days

• Optimizes gradual risk reduction to systematically ensure potential threats don’t escalate

Quantifiable Risk Reduction

• Measures remediation effectiveness with customized risk metrics

• Assigns risk scores to vulnerabilities, assets and groups that can be tracked over time

• Provides fully customizable reporting — use any data or widget and export as CSV, PDF or HTML