Skybox Security unveils industry’s first SaaS solution for Security Policy and Vulnerability Management across hybrid environments

Skybox Security today announced the next generation of its award-winning Security Posture Management Platform – including the industry’s first Software-as-a-Service (SaaS) solution for Security Policy and Vulnerability Management. Propelling its global customer base into the next era of proactive cybersecurity, major innovations advance its platform that continuously tests attack feasibility, exposure, remediation options, and compliance across hybrid environments.

“Today, we’re delivering on our mission of building the world’s leading Security Posture Management platform,” said Skybox Security CEO and Founder Gidi Cohen. “Skybox equips customers with the hybrid network modeling, path analysis, and automation they need to reduce the risk of a significant data breach by 55%. Our latest innovations are significant for customers that deploy on-prem, as well as customers that will benefit from our new SaaS solution. The new Skybox Cloud Edition offering capitalizes on the speed, scale, innovation, and productivity benefits powered by the cloud to drive the pursuit of broader digital business opportunities.”

Expansion into Cyber Asset Attack Surface Management

Challenging the status quo through a dynamic, fresh approach to Cyber Asset Attack Surface Management (CAASM), Skybox visualizes all assets through API integrations, identifies and prioritizes vulnerabilities using proprietary threat intelligence, sees gaps in security controls, and automatically provides remediation options. In addition, significant advancements to the proprietary Skybox network model enable customers to dynamically model operational technology, IT, and hybrid cloud environments – including all networking and security data related to a specific asset.

According to Gartner Research: “CAASM enables security teams to improve basic security hygiene by ensuring security controls, security posture, and asset exposure are understood and remediated. Organizations that deploy CAASM reduce dependencies on homegrown systems and manual collection processes, and remediate gaps either manually or via automated workflows. Organizations can visualize security tool coverage, support attack surface management (ASM) processes, and correct systems of record that may have stale or missing data.”¹

Industry’s first solution to automatically map vulnerabilities to malware type

Skybox also introduced the industry’s first Security Posture Management solution that connects Vulnerability Management with Threat Hunting. Building on its Exposure Management process that emphasizes publicly known vulnerabilities and identifies control gaps, Skybox now also associates vulnerabilities to malware by name, category, and distinct classes – including ransomware, Remote Access Trojans (RATs), botnets, cryptocurrency miners, trojans, and more.

“Executives and board members want to know if their cybersecurity teams are staying ahead of the latest celebrity malware such as TrickBot, REMCOS, FormBook, AZORult, Ursnif, Agent Tesla, and NanoCore,” said Ran Abramson, Threat Intelligence Analyst, Skybox Research Lab. “Powered by Skybox threat intelligence, CISOs have automated analysis that can prove they retired millions of malware and exploits. No other cybersecurity solution can provide customers with our advanced vulnerability prioritization and threat trend reporting.”

Expanded integrations eliminate complexity, reduce administrative burden, and provide more effective cybersecurity

With over 150 integrations, Skybox Security is the only solution that builds an extensive model of a customer’s unique hybrid environment, including all of the customer’s L3 devices. Expanded integrations include:

• Amazon Web Services (AWS): Expanded cloud capabilities include support of AWS firewalls in distributed mode. Reduce risk while validating compliance by eliminating permissive, obsolete, shadowed, and redundant rules.
• Cisco Application Centric Infrastructure (ACI): Adding new capabilities to its Cisco ACI integration, Skybox now delivers granular visibility into ACI Fabric tenants across spanning networking, micro-segmentation policies, and device attributes.
• Palo Alto Networks Prisma Cloud: Furthering its commitment to shift-left security practices, vulnerabilities in container images across DevOps toolchains can now be identified and prioritized for remediation via the Skybox multi-factor risk scoring algorithm.

Skybox Cloud Edition accelerates customer value with increased flexibility, scalability, business agility, and resiliency

Skybox Cloud Edition delivers the capabilities of the Skybox Security Posture Management Platform in a Software-as-a-Service (SaaS) offering to unlock additional business agility and resiliency benefits.

• First SaaS solution for Security Policy Management: Leapfrogging the competition, the Cloud Edition capabilities reduce software installation maintenance tasks. Streamlined licensing and deployment are designed to meet customer demand.
• Advanced Vulnerability and Exposure Management: With the industry’s most flexible deployment options for Vulnerability and Exposure Management (both on-premises and SaaS versions), customers can select the deployment model that aligns with their corporate and regulatory requirements.
• Limitless scalability: Manage security policies, prioritize vulnerabilities, and remediate exposures across the most complex on-premises, cloud, operational technology (OT), and hybrid environments. Automate, verify, and operationalize risk reduction.
• Faster deployment options: Cuts deployment time and reduces the need for procuring hardware, performing testing, and installing updates – enabling customers to unlock value faster. Customers with vast, global environments will reap huge benefits due to the size and diversity of their attack surface.
• Instant automatic updates: Customers benefit immediately from the latest product innovations and platform updates. Upgrades are much less disruptive, with no need for change management resources. Seamless, automated upgrades are critical given the dynamic threat and regulatory landscapes.
• Guaranteed availability: The solution is hosted in AWS for outstanding stability, performance, and guaranteed availability. Additionally, 24/7 monitoring of the tenants, across both the Network Operations Center (NOC) and Security Operations Center (SOC), maintains optimal network performance and performs real-time analysis for continuous threat mitigation.

Customer quotes

• “We had endless streams of vulnerability remedial work. Everything seemed extremely important. Hence why we moved to Skybox: Because it gave us exactly the prioritization model we needed.” – Director of Cybersecurity, Manufacturing Organization
• “The overall visibility that Skybox has given us of the network – that’s something we didn’t have before. You can’t really put a number on that, but it’s a massive impact.” – Principal Network Engineer, IT Security Company
• “They were getting burned out. So, this has changed at least one of my engineers’ lives. He actually said it over and over, ‘This is the best thing that’s ever happened to me.’ Had it been anyone else, I doubt we would have kept anyone in that position for long.” – Information Security Manager, Financial Services Organization
• “Assets that are critical are tracked in Skybox, and the risk is assessed. If there is a vulnerability, we can fix it immediately. It’s reflected in Skybox, and we have evidence for future audits.” – Information Security Manager, IT Security Company

Additional resources

1. Gartner Hype Cycle for Security Operations, July 5, 2022, Andrew Davies. GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.