Skip to content
Contact Sales

Skybox Research Lab, the threat intelligence division

The lab delivers comprehensive, actionable, and timely threat intelligence that powers Skybox’s Vulnerability and Threat Management solution.

Vulnerability and Threat Trends Report 2023

Annual threat intelligence report reveals 25% surge in new vulnerabilities, and a driving need for continuous exposure management.

The Skybox Research Lab

The Skybox Research Lab has been at the forefront in analyzing the latest cyber vulnerabilities and threats for over a decade.

The lab delivers comprehensive, actionable, and timely threat intelligence that powers Skybox’s Vulnerability and Threat Management solution and enables our customers to discover, prioritize and remediate risks. Our team of analysts continuously monitors dozens of security sources, tracking and analyzing tens of thousands of vulnerabilities on thousands of products, along with the latest data on exploits and malware taking advantage of these vulnerabilities.

Our approach

Drawing on our research, the team identifies the vulnerabilities most likely to impact our customers’ networks and assets. We combine vulnerabilities with critical contextual information on vulnerability exploitability, vulnerability prevalence, the malware that exploits it, the damage it can inflict, and optimal approaches to remediation. This information is aggregated in a proprietary database and data-feed, which is fed into our Platform and used by Skybox customers.

The Skybox database has information on more than 130,000 vulnerabilities in roughly 14,000 products, including:

  • Server and desktop operations systems
  • Business and desktop applications
  • Networking and security technologies
  • Developer tools
  • Internet and mobile applications
  • Industrial Internet of Things (IIoT) devices
  • Individual control system (ICS) and supervisory control and data acquisition (SCADA) devices

The Skybox Continuous Exposure Management Platform integrates with more than 150 critical systems to:

  • Automatically aggregated threat data from sources including: National Vulnerability Database (NVD), published vulnerability repositories, vulnerability scanners, threat intelligence feeds and platforms, vendor IPS signature feeds.
  • Identify vulnerabilities in standard operating systems, browsers, software, and databases
  • Integrate intelligence data with network security operations without scanning
  • Correlate vulnerabilities in the environment with those being actively exploited in the wild
  • Model how network changes could impact security or compliance