Skybox Security announced the next generation of its Continuous Exposure Management Platform. This 13.0 release introduces significant advancements to its Attack Surface and Vulnerability Management solutions, revolutionizing how enterprises manage and mitigate cyber exposure risk.
“In today’s complex threat landscape, organizations need to continuously manage their threat exposure based on the prioritized risks to their business,” said Mordecai Rosen, CEO of Skybox Security.
“The Skybox platform now supports each stage of an enterprise’s continuous exposure management (CEM) program, from mapping the attack surface, through contextualization and risk-based prioritization, to final remediation. Our latest enhancements enable organizations to further improve their security posture and significantly reduce the risk of a successful attack,” added Rosen.
Attack surface management delivers complete visibility
The Skybox Attack Surface Management solution delivers a comprehensive inventory and map of assets, applications, and users. It analyzes attack paths and simulates attacks. This culminates in a dynamic security model of the hybrid attack surface. Version 13.0 delivers significant new capabilities including:
- New attack surface map: This release unveils a stellar new way visualize, navigate, and interact with the attack surface map. Customers can now intuitively filter and highlight specific segments of their infrastructure. Assets can be grouped manually or automatically for enhanced comprehensibility. Enhanced search facilitates rapid asset location and navigation. This new map delivers new levels of clarity and precision.
- Enhanced attack path analysis: Understanding the importance of lateral attacks, threats from supply chain partners, and inside threats, version 13.0 now includes the threat origin (Internet, Partner, Insider) in its attack path analysis. Knowing where the threat originates drives better prioritization and mitigation decision-making through better risk context.
- LDAP integration: Organizations can now seamlessly model Group Policy Objects (GPOs) from LDAP directories such as Microsoft Active Directory within the Skybox platform. This integration provides direct insights into security policy settings for users, organizational units, and computers.
- Cloud infrastructure integration: Addressing the challenges posed by hybrid and cloud infrastructures, version 13.0 centralizes cloud-related data, including AWS firewall rules and assets. This advancement enhances the platform’s capabilities in navigating complex infrastructures.
Vulnerability management deepens exposure insights
Skybox’s Vulnerability Management solution aggregates over 25 third-party threat intelligence feeds, combined with the in-house Skybox Threat Intelligence feed, to help prioritize threats with exposure-based risk — and remediate exposures with prescriptive guidance. With version 13.0, organizations can:
- Import vulnerability data: Customers can now consolidate their own vulnerability data from various sources within the platform, establishing a single solution for a variety of vulnerability management activities. This streamlined approach incorporates vulnerability data from other sources including penetration testing and in-house vulnerability sources.
- New business-focused “Solutions View”: Version 13.0 introduces the “Solutions View,” designed to identify essential compensating controls tailored to specific business units or applications. This functionality empowers organizations to maximize security efforts by focusing on mitigations that align with their unique needs.
- Celebrity vulnerabilities: With version 13.0, organizations gain the capability to swiftly identify and address celebrity vulnerabilities outlined in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog. This proactive measure targets vulnerabilities frequently exploited by known threat actors.
- SOAR integration: Version 13.0 integrates seamlessly with Security Orchestration, Automation, and Response (SOAR) platforms through a set of focused REST APIs. This integration enhances investigation and remediation activities for the Security Operations Center (SOC).
Updates to the Firewall and Network Assurance products encompass general user interface improvements and NIST 800-41 Access Policy updates. These enhancements expedite compliance testing, violation identification, and proactive resolution.