Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

3/10/2016
01:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SkyboxSecurity Unveils Attack Surface Visualization Offering

SkyboxHorizon reduces exposure to cyberattacks by giving CISOs unprecedented visibility of the attack surface and Indicators of Exposure (IOEs).

SAN JOSE, Calif. (February 29, 2016) – Skybox® Security, a global leader in security analytics, unveiled today Skybox® Horizon, a first-of-its-kind security management tool that gives CISOs the unprecedented ability to visualize their enterprise attack surface in its entirety. Skybox will be previewing Horizon at the RSA Conference in San Francisco.

Integrating with the Skybox® Security Suite, the company’s award-winning analytics platform, Horizon uses the contextual intelligence gained from consolidating and analyzing data from various sources to create a visual, interactive model that links network topology, network connections, business units and organizational hierarchy. It shows Indicators of Exposure (IOEs) throughout the attack surface, such as exploitable attack vectors, hot spots of vulnerabilities, network security misconfigurations, and risky firewall access rules, giving CISOs deep insight into the state of their security from the widest possible range of sources.

In today’s complex security landscape, networks are getting larger and more complicated, creating myriad holes in defenses, while cyberattacks are increasing in sophistication and persistence. This is making it more difficult than ever for CISOs to centralize security and gain visibility over the attack surface, the ways in which their IT systems are vulnerable to threats including potential attack vectors.

According to a 2015 Gartner report*, enterprises are shifting security budgets to security management platforms that integrate existing technologies, provide insight through analytics of previously siloed data and enable security operations teams to automate and prioritize activities.

They are also looking for solutions that can help them more effectively report the security posture of the enterprise to the board and executives, in order to better inform IT security decision making throughout the organization.

“For years, CISOs have struggled to gain a satisfactory level of visibility over their attack surface so they can truly understand their organization’s vulnerability to threats,” said Skybox Founder and CEO Gidi Cohen. “Traditional approaches fall short — data is isolated between technologies from multiple vendors, providing only fleeting glimpses into the state of security. When CISOs only have access to partial information, they can’t analyze data in context, which limits their ability to quickly make decisions about where to direct scarce resources. We’re changing this with Horizon.”

At RSA, Skybox will demonstrate how Horizon works with the company’s vulnerability management, threat intelligence management, and security policy management products to create a comprehensive security management program that uses visibility to shrink the attack surface.

 

Skybox Horizon Features

 

·         Visualize and analyze the attack surface with an interactive model that links network topology, network connections, business units, and organizational hierarchy

·         Present IOEs such as exploitable attack vectors, hots spots of vulnerabilities, network security misconfigurations, and risky firewall access rules

·         Respond faster to emerging threats by pinpointing and protecting the systems most vulnerable to those threats; drill down with interactive tools to get quick summaries of actionable intelligence

·         Systematically manage and reduce the attack surface by allocating security resources to where they are most needed, identifying security teams within the enterprise that need extra support, streamlining audits, and demonstrating progress toward security and compliance goals

 

Horizon is scheduled for general release in late March, available with licensing of Skybox Security Suite modules. For more information on Skybox Horizon, go to https://www.skyboxsecurity.com/products/skybox-horizon

 

About Skybox Security
www.skyboxsecurity.com

 

Skybox arms security leaders with a powerful set of integrated security solutions that give unprecedented visibility of the attack surface and key Indicators of Exposure (IOEs) such as exploitable attack vectors, hot spots of vulnerabilities, network security misconfigurations and risky firewall access rules. By extracting actionable intelligence from data using modeling and simulation, Skybox gives leaders the insight needed to quickly make decisions about how to best address threat exposures that put their organization at risk, increasing operational efficiency by as much as 90 percent. Our award-winning solutions are used by the world’s most security-conscious enterprises and government agencies for vulnerability management, threat intelligence management and security policy management, including six of the top 10 global banks and six of the 10 largest NATO member countries.

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32094
PUBLISHED: 2021-05-07
U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to upload arbitrary files.
CVE-2021-32095
PUBLISHED: 2021-05-07
U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to delete arbitrary files.
CVE-2021-32096
PUBLISHED: 2021-05-07
The ConsoleAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code (for an eval call) via the CONSOLE_COMMAND_STRING parameter.
CVE-2021-32098
PUBLISHED: 2021-05-07
Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization.
CVE-2021-32099
PUBLISHED: 2021-05-07
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.