|By Business Wire||
|February 25, 2014 09:13 AM EST||
Skybox Security, the leading provider of risk analytics for cyber security, launched Skybox Risk Control 7.0, a comprehensive vulnerability management solution. Highlighting the Risk Control 7.0 release is a new remediation dashboard, which provides a central view for IT security professionals to effectively monitor and track vulnerability remediation activities in large organizations. Today, hackers frequently exploit vulnerabilities in servers, desktops and network devices to breach information system defenses to launch attacks, spread viruses and malware and steal confidential data.
Skybox’s context-aware remediation approach allows IT practitioners to automatically convert volumes of vulnerability data into detailed remediation instructions, supporting an end-to-end vulnerability management process that is 50 times faster than traditional solutions. Skybox identifies concentrations of vulnerabilities by vendor, business unit, security bulletins, or by geographic location in a company, enabling organizations to reduce overall vulnerability levels quickly, with minimal effort. In addition, Skybox uses attack simulation and its comprehensive view of network topology to identify specific attack vectors against critical assets.
“Skybox Security allows security teams to address and remediate risks every single day,” said Gidi Cohen, CEO of Skybox Security. “Most enterprises take months to discover, prioritize and remediate vulnerabilities, and hackers take advantage of that time lapse. Using Skybox Risk Control for vulnerability management, our customers meet challenging internal requirements to deliver same-day identification and resolution of critical vulnerabilities. This is impossible to achieve using traditional vulnerability management approaches.”
Created for security managers who are responsible for taking action on found vulnerabilities, the remediation dashboard provides a centralized view to monitor and track the vulnerability remediation process against defined service level agreements (SLAs). Security metrics track resolution of vulnerabilities against goals, such as fixing high-priority vulnerabilities within a defined period of time, or achieving a target rate of found versus fixed vulnerabilities, and provide a breakdown of vulnerabilities that meet the SLA and those that do not.
The remediation dashboard guides daily remediation efforts by providing a prioritized list of vulnerabilities and presenting multiple remediation alternatives to block or mitigate known vulnerabilities, such as patching, IPS shielding, configuration changes, or a prioritized list of security bulletins that should be applied.
The remediation dashboard completes Risk Control’s three-step workflow to simplify vulnerability management for enterprise-scale organizations:
- The Discovery Center provides a centralized view of the initial vulnerability assessment process, including quick access to vulnerability data gathered from third-party scanners or Skybox’s scanless Vulnerability Detector.
- The Analytics Center uses sophisticated risk analytics and the Skybox Vulnerability Database to eliminate irrelevant vulnerability data and provide an accurate, prioritized picture of risk.
- Finally, the Remediation Center, featuring the new vulnerability remediation dashboard, supports fast resolution to achieve desired security objectives.
Additional enhancements for Skybox’s vulnerability management solution, based on Risk Control, include Vulnerability Detector, providing scanless non-disruptive vulnerability detection at speeds of 100,000 hosts per hour. By comparison, the typical rate of a traditional active scanner is 250 hosts/hour.
Risk Control’s Vulnerability Detector supports Microsoft Windows, Linux, VMWare, Citrix, Apple Mac OS and various Unix operating systems; network devices from Cisco, Check Point, Juniper Networks, and F5; and popular enterprise end user applications such as web browsers, Microsoft Office, Adobe Flash Player, Adobe Reader, Skype, and Microsoft Lync.
With Skybox’s vulnerability management solution, a leading UK financial services team was able to take action on critical risks the same day the vulnerabilities were detected. And Repsol, a Spanish multinational oil and gas company, has been able to significantly reduce the number of false positives from 20 percent to less than 1 percent, allowing it to focus accurately on high-priority risks.
Skybox will be demonstrating the Risk Control 7.0 and the Remediation Center at RSA Conference USA 2014. For more information, please visit Booth 715, South Hall.
About Skybox Security, Inc.
Skybox Security, Inc. provides the most powerful risk analytics for cyber security, giving security management and operations the tools they need to eliminate attack vectors and safeguard business data and services. Skybox solutions provide a context-aware view of the network and risks that drives effective vulnerability and threat management, firewall management, and continuous compliance monitoring. Organizations in Financial Services, Government, Energy, Defense, Retail, and Telecommunications rely on Skybox Security every day for automated, integrated security management solutions that lower risk exposure and optimize security management processes. For more information visit: www.skyboxsecurity.com.
NOTE: Skybox® Security is a registered trademark of Skybox Security Inc. All other registered and unregistered trademarks herein are the sole property of their respective owners. Product specifications subject to change at any time without prior notice. © 2014 Skybox Security, Inc. All rights reserved.
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
Dec. 27, 2014 12:45 PM EST Reads: 1,674
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
Dec. 27, 2014 12:30 PM EST Reads: 2,433
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
Dec. 27, 2014 12:30 PM EST Reads: 1,935
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
Dec. 27, 2014 12:00 PM EST Reads: 2,688
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
Dec. 27, 2014 12:00 PM EST Reads: 1,774
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from ha...
Dec. 27, 2014 12:00 PM EST Reads: 2,349
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
Dec. 27, 2014 11:30 AM EST Reads: 2,502
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 27, 2014 11:00 AM EST Reads: 1,915
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
Dec. 27, 2014 11:00 AM EST Reads: 7,167
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
Dec. 27, 2014 11:00 AM EST Reads: 2,110
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
Dec. 27, 2014 11:00 AM EST Reads: 1,987
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
Dec. 27, 2014 11:00 AM EST Reads: 2,144
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happe...
Dec. 27, 2014 10:00 AM EST Reads: 2,110
DevOps is all about agility. However, you don't want to be on a high-speed bus to nowhere. The right DevOps approach controls velocity with a tight feedback loop that not only consists of operational data but also incorporates business context. With a business context in the decision making, the right business priorities are incorporated, which results in a higher value creation. In his session at DevOps Summit, Todd Rader, Solutions Architect at AppDynamics, discussed key monitoring techniques...
Dec. 27, 2014 10:00 AM EST Reads: 1,834
The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to th...
Dec. 27, 2014 09:00 AM EST Reads: 2,747