Skybox Risk Control
Predict and prevent cyber threats
||Identify attack scenarios | Prioritize vulnerability
Supports most major information sources and devices: AlterPoint, BigFix, Check Point, Cisco, eEye, HP, ISS, Juniper, McAfee, nCircle, Nessus, Nortel, Opsware, Qualys, Symantec
How it works:
Collect: Skybox Risk Control automatically collects data from threat feeds, vulnerability scanners and patch management systems - as well as network device configurations for firewalls, routers, load balancers, and more. Risk Control incorporates information about assets and the relative value of systems and services that are necessary to rank potential risks.
Analyze: The Risk Control analytical engine normalizes the information into a CMDB, creates a model of the network, and incorporates Skybox vulnerability content with intelligence about the likelihood and severity of potential attacks. A Skybox IT risk assessment is conducted from theattackers point of view – identifying possible access paths and the security gaps that can be used to reach critical assets.
Report and Act: With Risk Control, network security managers get immediate information on the most critical risks and remediation alternatives. Connected to a ticketing system, Risk Control immediately notifies the IT security team of problems in the system – before they become emergencies.
Business and Technical Benefits
- Quantify the level of risk to the organization to support cost/benefit discussions
- Demonstrate the before and after impact of security programs to overall risk level
- Dramatically reduces the risk exposure time window from months to hours
- Pinpoint and prioritize the vulnerabilities that can be exploited by an attacker
- Simulate attack scenarios to identify potential impact of cyber threats
- Automated risk assessment improves accuracy and supports continuous security and compliance processes
- Generates PCI DSS reports on effectiveness of compensating security controls and vulnerability management program
- Scheduled or on-demand collection of threat, cyber vulnerability, policy and threat information.
- Automatically creates and updates a virtual model of the IT infrastructure
- Customizable reporting for management, auditors, and IT operations
-Built-in ticket generation system and remediation status tracking
- Comprehensive dashboard highlighting key performance indicators (KPIs), security profile, and alerts
- Most detailed model of network topology, access paths, and threats.
- What-if analysis—predicts risk behavior and business impact
- Risk metric and business impact reports are generated in minutes
- Automated IT vulnerability management and prioritization
Watch the demo