Skybox Security, a global leader in Security Posture Management, today unveiled new automated cyber risk quantification capabilities. Leveraging its proprietary network modeling techniques, Skybox now quantifies the business impact of cyber risks into economic impact. This new financial calculation enables customers to identify and prioritize the most critical threats based on the size of financial impact, among other risk analyses.
“Other industry solutions are only capable of secondary risk assessment based on asset importance. To develop an accurate risk calculation, you need the network modeling, exposure management, and path analysis that only Skybox can deliver,” said Gidi Cohen, CEO and Founder, Skybox Security. “Actual and timely risk reduction is how we ultimately define customer success. That can be achieved only with a proactive, risk-based approach to managing your security posture.”
Skybox Security continues to evolve its platform through new innovations and technology integrations to solve critical customer cybersecurity challenges. The new Skybox cyber risk quantification capabilities elevate the role of cybersecurity and enable CISOs to:
- Prioritize critical cyber risks based on vulnerabilities that are exposed and exploited in the wild
- Target risk mitigation on the most significant risks with remediation options that go beyond patching
- Make data-driven decisions as they navigate the risks and opportunities of digital transformation
- Calculate ROI of cybersecurity budgets to validate investments and report on the financial impact
According to Forrester Research: “Even with unlimited budget and resources, it would be impossible and impractical for the security organization to address every single threat. The fast moving and evolving nature of cyberattacks requires CISOs to act quickly and decisively to mitigate those risks with the greatest impact on the business. By quantifying assets and expressing the dollar value at risk from cyberevents, CISOs can target their risk mitigation strategies on the most significant risks with most consequence to the firm.”1
Vulnerability lifecycle management algorithm expands to AWS, Microsoft Azure, and Google Cloud Platform
Skybox Security also expanded its industry-leading exposure analysis and vulnerability management capabilities to the three leading public cloud providers – Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Available now, these new capabilities provide customers with continuous, precise risk assessment and vulnerability prioritization within hybrid cloud deployments.
By extending its industry-leading IT/OT exposure management capabilities to the leading cloud services providers, customers reap the following benefits:
- Asset and vulnerability discovery – For comprehensive visibility, Skybox discovers blind spots that active scanning solutions can’t reach. As a result, customers gain a complete picture of their unique hybrid attack surface. The Skybox Platform aggregates multi-vendor scan data from across a customer’s environments and discovers vulnerabilities across unscannable cloud workloads.
- Vulnerability prioritization – Finds and identifies the gaps an adversary will exploit first by analyzing exploitability, criticality, asset importance, and exposure. The Skybox algorithm prioritizes risk using a flexible, customizable formula that can be tailored to a customer’s unique business. The platform identifies the most effective remediation options, including network-based compensating controls to supplement patches and software updates for a defense-in-depth approach.
- Network modeling and attack surface visualization – Security Architects can model how risks are mitigated with a layered combination of alternative native, custom, and other security controls. The Skybox network model enables path analysis and attack simulation to identify exposed vulnerabilities.
- Targeted attack remediation – The Skybox Security network model identifies potential attack paths, enabling customers to prioritize which security controls will mitigate a threat or an attack. In addition to identifying redundant, weak, or risky rules, Skybox enables faster audit compliance reporting because of its comprehensive security control reports.
- Integration with IT Service Management Tools (ITSM) – Improve decision-making and ITSM performance with an integrated view of how well security and IT teams are managing cybersecurity risks. ITSM integrations support strategic planning and an aligned approach to reducing cyber risk across the business.
- De-risk IT/OT convergence – The cornerstone of an effective cybersecurity strategy is a comprehensive single pane of glass view of assets and vulnerabilities spanning IT, OT, and cloud environments. Skybox aggregates vulnerability information from active scanning solutions (such as traditional Vulnerability Assessment scanners), specialized passive scanning-based OT security platforms, and its unique scanless detection techniques to deliver the industry’s most advanced Vulnerability Management solution.
Network model innovations advance attack simulation and path analysis automation
The latest release also includes major network model updates that significantly increase customer time to value and real-time exposure analysis through faster aggregation across customers’ disparate tech stacks and security toolkits. Skybox Security is the only solution that builds an extensive model of a customer’s unique hybrid environment, including all L3 devices.
The network model is continuously updated, incorporating customer scan data and proprietary threat intelligence feeds from the Skybox Research Lab. The network model’s top customer use cases include conducting path analysis, performing attack simulations. analyzing network configuration, verifying proper network segmentation, assessing security controls, and highlighting broken paths.
“Many customers struggle to understand and visualize the complete topology of their hybrid network and correctly assess exposure of their critical assets. A new Skybox innovation now automatically determines and adds missing network elements to build a complete network model,” said Haggai Polak, Chief Product Officer, Skybox Security. “This is a game-changer for customers who don’t have the resources or visibility needed to feed all their data sources into the model. As a result of this innovation, customers are delivered an accurate picture of their attack surface within hours. In addition, the model can bridge organizational silos by delivering a comprehensive view of the complex, heterogeneous IT, hybrid cloud, and OT estate that multiple enterprise teams can reference as a single source of truth.”