Our origin story

Founded in 2002, Skybox has brought industry-leading, award-winning solutions to the market for two decades. Our mission is to provide the intelligence and context companies need to prevent breaches.

Our secret sauce? Proactive security posture management. We take the guesswork out of cybersecurity by providing visibility, analytics, and automation to prioritize and remediate vulnerabilities and optimize security policies and controls. As a result, customers make smarter security decisions faster to secure their businesses at scale.

Why Skybox

Celebrating 20 years of cybersecurity posture management innovation; Watch video!

How it all began

Skybox Security founder Gidi Cohen’s ‘ah ha moment’ followed his service in the Israel National Security Agency (8200 unit), where his passions as a young officer for math and advanced software technologies, and for tackling complex cybersecurity challenges came together. This background inspired the invention of the first commercially available cyberattack simulation engine, introduced by Skybox to market in 2004 and was made available for enterprises and governments alike.

Skybox Security sells first product; launches network model

The first commercial product, Skybox View, was a smashing success. Skybox View found exposures to potential cyberattacks by modeling the network infrastructure, including security controls and exploitable vulnerabilities. Customers marveled at the power of the network model, the underlying technology that allowed them to conduct attack simulations. Now, customers can anticipate what an attacker might do – instead of just reacting once they were breached.

Skybox Security models controls to transform security policy management

Enamored with Skybox View, customers began to see the possibility of how the network model could be used for another pressing need -– compliance. The introduction of Sarbanes Oxley and PCI compliance requirements very soon became highly onerous for security organizations. Customers needed a way to visualize the attack surface to understand who had access to the network and whether the proper rules were in place to ensure security controls were intact. Customers also needed to maintain compliance by ensuring that any changes to the network didn’t inadvertently open new risks. Then, another idea sprung to life: The advent of our Security Policy Management Solution.

Skybox pioneers a new approach to vulnerability management

As the threat landscape continued to evolve, Skybox identified a new way to help Skybox customers. Vulnerability scanners do not provide the threat intelligence needed to identify exploits in the wild. By only using CVSS as the barometer for risk, the world was missing an important piece – how exposed they actually are to an attack. Gidi saw time and time again how medium-risk vulnerabilities became steppingstones to critical assets that cost companies millions of dollars.

So, he decided to build a Vulnerability and Threat Management Solution that not only discovers vulnerabilities across the entire attack surface but also prioritizes which vulnerabilities to close based on asset importance, exploitability, exposure, and CVSS severity.

Introduction of the Continuous Exposure Management platform

Skybox was incredibly successful with its two solutions – Security Policy Management (SPM) and Vulnerability and Threat Management (VTM). Next, customers began asking Skybox to bridge use cases across both solutions. The lightbulb went off. It was time to unify capabilities into one powerful platform that could power a new proactive approach to cybersecurity. Customers were now able to increase security efficacy, improve cyber hygiene, grow business resiliency, and more. Skybox pioneered a new approach to expand beyond the traditional “scan and patch” playbook by offering alternative remediation options. And customers can validate policy and rule changes against the Skybox network model before implementing to ensure that changes do not open up new exposures.

The next frontier for proactive cybersecurity

Over the past few years, market forces have caused an inflection point for cybersecurity that requires a new proactive approach to mitigate risk. The pandemic accelerated digital transformation, including a rapid cloud migration to support remote workers. The attack surface has greatly expanded. Regulations have grown in complexity. Critical infrastructure is increasingly under attack. Ransomware has ballooned.

Skybox is dedicated to continuous product innovation that identifies and proactively remediates critical attack vectors ahead of an incident. We enable our customers to make security decisions based on true exposure and potential financial business impact. We help customers achieve continuous compliance, no matter how complex their environment is.

When you choose Skybox, you choose the future of cybersecurity.