Managing vulnerabilities is a complex process in today’s enterprise. Discovering vulnerabilities with a scanner takes time, and evaluating and prioritizing the results takes even longer. Meanwhile, the network is changing every day – even every hour. Often there are just too many barriers for the traditional vulnerability management process to be a useful tool for risk mitigation, and vulnerability management is relegated to a box to ‘check’ during a compliance audit.
Skybox challenges the assumption that scanning is the best way to discover vulnerabilities. Skybox’s next-generation solution for vulnerability management utilizes non-disruptive, scanless technology that analyzes information repositories available in every enterprise—typically patch management and asset management systems—to automatically and accurately deduce vulnerability data on all network nodes. Additionally, Skybox Risk Control seamlessly integrates with every major vulnerability scanner, and scanner results can augment Skybox’s scanless vulnerability discovery.
Then, Skybox looks beyond a vulnerability’s severity rating, asserting that the criticality of a vulnerability depends on several factors, including existing security controls, the business asset, and the impact of a potential attack. Taking into consideration the network infrastructure and threat data, Skybox Risk Control automates the analysis of the vulnerabilities, eliminating vulnerabilities that are not exploitable and prioritizing remediation based on business impact and exploitability.
Skybox Security uses two approaches for prioritization:
- Hot Spots Analysis: Finds groups of hosts on the attack surface with a high density of severe vulnerabilities, which can be fixed en masse by broad action items, such as patching.
- Attack Vectors Analysis: A surgical approach that finds specific, high-risk attack vectors around one or a few hosts that would require quick remediation (patching, shielding, network configuration) to eliminate exposure of specific targeted assets.
Once a short list of action items is available, Skybox Risk Control provides context-aware remediation recommendations that consider a variety of remedial actions, such as IPS signature activation, firewall configuration changes, patching, system configuration, and more. Further, Skybox Risk Control enables effective communication with the relevant IT operations team, and an integrated workflow generates and tracks remediation actions.
To learn more about this new approach to vulnerability management, you can read the white paper recently released by Skybox Security, “Next-Generation Vulnerability Management: Transform Checkbox Compliance Vulnerability Management into a Powerful Risk Mitigation Tool.”