Skybox Security Introduces Breakthrough Worm Attack Simulation With The Availability Of Skybox View 2.0

PALO ALTO, CA – December 13, 2004 – Skybox® Security, Inc., the leader of Security Risk Management (SRM), today unveiled the company’s Worm Defense Management (WDM) initiative and introduced a new worm attack simulation feature for its latest version of software, Skybox® View 2.0. With the availability of worm simulation, Skybox View becomes the first enterprise software platform to deliver continuous and proactive defense against destructive and difficult-to-isolate worms for large enterprises. Under a separate announcement, Skybox introduced the availability of a new compliance risk management capability that dramatically lowers the risk of being out of regulatory compliance due to control and infrastructure weaknesses. With these significant additions to the highly acclaimed software, Skybox View version 2.0 sets a new standard for risk assessment, threat analysis and vulnerability remediation planning by bridging the analytics gap and driving IT security to a “pre-attack” defense posture.

“Today there is no way to know if your network is worm-resilient,” said Gidi Cohen, CEO and founder of Skybox Security. “And because of the epidemic way in which worms spread, it is impossible and impractical to patch everything just to prevent one worm attack. A smarter, more proactive approach is needed,” Cohen concluded.

Worm Defense Challenge
Worms are the number one IT security threat and considered the most difficult to defend against. A worm is a self-replicating piece of code that rapidly propagates itself over an entire network infrastructure by exploiting known vulnerabilities or weaknesses in controls. A zero-day worm exploits a vulnerability not yet published. Even well managed change and patch management systems have worm defense limitations because:

· Worms can arrive before a patch becomes available and applicable
· Patching everything is not an economic or safe alternative for most enterprises
· The time between the appearance of a new vulnerability and its exploitation by a worm is rapidly decreasing from months to days, and in some cases, hours (zero-day worm)

Added to these issues is the trend toward more vicious cybercrime worms. John Pescatore, Security Research Fellow for Gartner, writes, “while the majority of worm attacks were once strictly vandalism, Gartner believes that the recent waves are more tied into cybercrime — that is, hacking for financial gain” (Mount A Solid Defense Against Worms and Viruses, September 2004). Since enterprises have little time to react, coupled with the speed of propagation and the malicious behavior of worms, a successful attack can result in significant damage to network services, applications and regulated assets and ultimately financial loss. In order to achieve the undeniable goal of not falling victim to a worm attack, organizations must take a proactive and more preventative approach to worm defense. Concludes Gartner, “Enterprises can get better at patching, but they can never move as fast as attackers,” (Mount A Solid Defense Against Worms and Viruses, September 2004).

According to Pete Lindstrom, CISSP and research director for Spire Security, LLC, “Worms are not going away anytime soon, yet we are jury-rigging our networks with point products that address specific parts of the problem. Skybox takes a strategic approach by helping enterprises understand how the characteristics of their networks impact the behavior patterns of worms so they can design a way to address vulnerabilities.”

Worm Defense Management (WDM) Initiative

As part of a new Worm Defense Management (WDM) initiative, Skybox believes that enterprises should embark upon a proactive, disciplined and pre-attack worm defense approach based upon five fundamental tenets:

1. Worm defense is not just technology – but a methodology. Early warning, network resilience assessment, isolation planning, prevention and recovery procedures are keys to success.

2. Plan for peace – prepare for war. Enhance the network infrastructure resilience for existing and future worms while balancing between tight controls and supporting the needs of the business.

3. Proactive – not reactive. The goal of a regular and proactive worm defense management process should be reducing the worm exposure window and maintaining worm-resilient network infrastructures, rather than relying solely on perimeter and reactive defense technologies.

4. Continuous effort. One time planning is not enough due to constant network change, publication of new vulnerabilities, and the emergence of new worm-based threats.

5. Integrated – not separate. Worm defense management should be an integral part of the existing security risk management program.

The introduction of a worm attack simulation, and worm risk analysis, represents the first in a series of Worm Defense Management initiatives that Skybox plans to introduce during 2005.

Skybox View 2.0 Worm Attack Simulation Benefits
The Skybox View 2.0 worm attack simulation feature empowers security professionals to simulate, understand and predict potential worm exposures due to infrastructure vulnerabilities before an attack. Skybox View maintains a comprehensive worm dictionary, simulates potential attack paths and propagation behavior of worms and displays the most effective mitigation alternatives. By leveraging unique network modeling, access analysis, attack simulation and “what if” prediction, organizations can justify which remediation alternatives make the most sense in terms of resources and worm prevention or containment effectiveness.

By simulating the propagation behavior of worms, Skybox View 2.0 helps enterprises understand which vulnerabilities or controls could be exploited and guides them on how to cost-effectively mitigate these weaknesses with the highest ROI. Because this automated process can be regularly conducted, the network infrastructure becomes more worm-resilient, effectively reducing the magnitude and scope of potential damage. With Skybox View enterprises can adopt a best practice of proactive worm defense management:

· Integrate worm defense into the risk assessment and management process
· Uncover the specific vulnerabilities that are being exploited by worms
· Predict worm propagation, simulate attack behavior and calculate business impact before exploitation
· Understand the most cost-effective remediation steps to justify efforts (ROI)
· Maintain worm resiliency across the network infrastructure proactively
· Measure and report the overall effectiveness of worm defense controls
· Increase visibility of future worm impact across the entire organization

Price and Availability
Skybox View 2.0 is immediately available. Skybox View pricing starts at $50,000 and increases based on size of network.

About Skybox Security
Skybox® Security, Inc. is the leader of next-generation Security Risk Management (SRM) solutions. The company’s flagship product, Skybox® View, is the first enterprise software platform that raises vulnerability assessment, threat analysis, remediation planning and change management to the business risk level where it belongs. By combining business impact analysis and simulation with vulnerability data and network modeling, enterprises can continuously maintain risk-resilient networks, reduce regulatory compliance exposures and shrink the window of exposure from months to hours.

With Skybox View security professionals can take a disciplined approach to measure business risk exposure, understand effectiveness of remediation alternatives, justify mitigation efforts (ROI) and minimize damage from attacks while lowering operating cost. By enhancing current best practices and internal controls with automated risk management analysis, the security, network and business units can work more effectively as a team. Skybox solutions have been successfully deployed at highly respected Global 2000 companies worldwide.

Founded in 2002, the company is headquartered in Palo Alto, California and is backed by Benchmark Capital, Lightspeed Venture Partners, Carmel Ventures and Mofet Technology Fund. For more information contact (650) 565-8060 or

About Skybox View
Skybox® View automates labor-intensive risk assessment and remediation planning processes. Skybox View helps enterprises continuously collect, identify, visualize and understand the total risk exposure of digital assets and proactively prioritize and optimize the mitigation steps necessary to prevent internal and external attacks. It represents the missing piece for assessing, evaluating and mitigating pre-attack exposures, taking network information and business impact into account. Unique patented modeling and attack simulation technologies generate a virtual map of business asset exposures distilling thousands of vulnerabilities down to the one to two percent that really matter. “What If” planning analysis puts security, network and business teams on the same page empowering IT organizations to balance the cost and benefit of proposed remediation, network changes or patches before deployment. The open collection architecture leverages existing and future investments in firewall, router, network and vulnerability scanner technologies.
