Skybox Security is first to model the attack surface across IT and OT environments

Skybox Security is first to model the attack surface across IT and OT environments

Skybox Security today announced new vulnerability management capabilities for operational technology (OT) environments. Available now, the new Skybox Security Posture Management Platform capabilities eliminate cyber exposure across the entire enterprise environment, including IT, hybrid, multi-cloud, and now OT assets.

“There is no single solution that will stop cyberattacks, and OT environments are particularly vulnerable. IT/OT convergence demands flexible and vendor-agnostic attack surface modeling to reduce critical cybersecurity risks,” said Haggai Polak, chief product officer, Skybox Security. “Our mission is to ensure cybersecurity matures at the speed of digital transformation. As a result, our product capabilities and future roadmap are focused on extending our network model to ingest data from transformative technologies and model entire network environments.”

As unprecedented cyberattacks on critical infrastructure and supply chains continue to accelerate, a Skybox Security 2021 research study found that 83% of organizations with OT infrastructure suffered security breaches. With OT exposure at an all-time high, Skybox Security eliminates exposure across these environments with new network modeling advancements.

A new path forward for breach prevention

Skybox Security provides visibility and context across the IT/OT attack continuum, empowering NetOps, SecOps, and ITOps teams to collectively achieve better, faster security decisions. Skybox merges, normalizes, and centralizes data from OT, IT, hybrid, and multi-cloud networks into a standard reference model for infrastructure, asset, and vulnerability data, and integrations enhance the Skybox network model by extending the platform’s capabilities to ingest new vulnerability and asset information aggregated across customers’ security toolkits and tech stacks.

Network model enables accurate path analysis

Organizations with OT environments can leverage the model to analyze the efficacy and consistency of their security controls, determine access compliance with network segmentation requirements, validate configurations and changes, and identify and precisely measure their exposure to potential cyberattacks. With a complete view of the attack surface, teams can leverage the network model to conduct path analysis to map all possible network paths – from source to destination – where packets can traverse across hybrid environments. With this complete view of the attack surface, organizations with OT assets can understand where they are truly exposed, if proper network segmentation is in place, and whether compliance gaps exist.

Also Read: Four Steps to Shift to Insider Risk Management

Prescriptive remediation beyond patching

New Skybox Security OT vulnerability management capabilities provide customers with the most efficient and effective remediation options available in the industry. In OT environments, patching is often not an option. Skybox delivers insights to enable robust remediation options beyond patching, including recommendations to:

  • Apply IPS signatures
  • Add/modify access rules
  • Adjust network segmentation to block attack paths
  • Update and optimize firewall and security device policies/rules
  • Update and optimize networking device configurations

Industry-leading network model expands across OT networks

New integrations with Nozomi Networks and Siemens’ RUGGEDCOM products expand Skybox Security’s ability to identify exploitable vulnerabilities and correlate them with an organization’s unique network configurations and security controls to determine where cyberattacks pose the highest risk. The ability to verify compliance while prioritizing the most dangerous vulnerabilities reduces downtime and improves security efficacy. Skybox Security builds on its industry-leading integration partnerships for deeper visibility into OT environments, including Claroty, Forescout eyeInspect, and Microsoft CyberX. Customer benefits include:

  • Advances vulnerability management and remediation options in OT networks with reduced downtime
  • Validates compliance with security regulations and industry frameworks
  • Isolates cyber-physical systems by establishing prescriptive strategies for advanced mitigation

For more such updates follow us on Google News ITsecuritywire News