Minimize Risks Exposure with up-to-date intelligence and continous network visibility

Risk Control



View our Risk Control demo

Focus on the most critical risks, every day

To protect business services and data, IT security managers must identify, analyze, and remediate important vulnerabilities to close off attack vectors.  Security teams must have network visibility and risk intelligence to pinpoint exploitable vulnerabilities and provide remediation options. Skybox® Risk Control automatically discovers and prioritizes vulnerabilities, using context-aware analytics that take network topology, security controls, business assets, and threat intelligence into account. Risk Control gives those on the front line of security the tools they need to focus attention on the most critical risks first to protect customer data, intellectual property and business services.

RiskControl_VulnerabilityProfileOverview Screenshot, Skybox View - Vulnerability Profile

Business Benefits

  • Optimize the vulnerability management process to keep up with security risks
  • Dramatically reduce the risk exposure time window from months to hours
  • Quantify the level of risk to the organization to support cost/benefit discussions

Technical Benefits

  • Automate vulnerability management tasks, linking discovery, risk assessment, remediation planning and reporting
  • Discover vulnerabilities automatically, without the disruption of an active scan
  • Identify vulnerabilities that can be exploited by an attacker
  • Simulate attack scenarios to find ways to block attacks
  • Monitor vulnerabilities continuously for compliance 
  • Meets PCI DSS 6.2b requirements for risk-based vulnerability assessment 

Classic Features

  • Automatically create and update a virtual network infrastructure model 
  • Customizable reporting for management, auditors, and IT operations
  • Built-in, automatic ticket generation system with remediation options and status tracking lets you check the impact of remediation alternatives quickly to resolve risks – fast
  • Comprehensive dashboards highlighting risk metrics, key performance indicators (KPIs), security profile, vulnerability intelligence data and violation alerts

Skybox Exclusive

  • Use Skybox's patent-pending rule-driven profiling technology to automatically detect vulnerabilities without the disruption of an active scan
  • Seamless integration with any active scan data for the most complete, up-to-date vulnerability intelligence possible
  • Context-aware visibility of network topology, security controls, access paths assets, and threats
  • What-if analysis predicts risk behavior and business impact
  • Most extensive integration supporting most information sources and devices: AlterPoint, BigFix, Check Point, Cisco, eEye, HP, ISS, Juniper, McAfee, nCircle, Nessus, Nortel, Opsware, Qualys, Symantec

When this large electricity and nuclear power producer sought a risk analytics solution to understand and manage the vulnerabilities impacting its IT infrastructure, it turned to Skybox Security. Existing IT complexity and a fast-growing network limited the organization’s ability to keep vulnerabilities in control. The implementation of Skybox Risk Control allowed the customer to automatically analyze and prioritize the top 1% of critical vulnerabilities, out of tens of thousands.

  • Find the most critical vulnerabilities quickly and provide remediation options
  • Identify high-risk attack paths through ‘virtual pen testing’
  • Highlight risk metrics, key performance indicators, and security alerts in a risk dashboard

Step 1 – Collect. Using Skybox's patent-pending rule-driven profiling technology, Risk Control with Vulnerability Detector deduces an accurate list of vulnerabilities without actively probing network hosts. Risk Control also automatically collects data from threat feeds, vulnerability scanners and patch management systems as well as network devices such as firewalls, routers, load balancers and more. Risk Control incorporates information about business assets and the relative value of systems and services – necessary to rank potential risks.

Step 2 – Analyze.The Risk Control analytical engine correlates identified vulnerabilities with vulnerability and threat intelligence from the Skybox Vulnerability Dictionary, and the network context.  Attack simulation is used to prioritize risks from an attacker's point of view – identifying possible access paths and the vulnerabilities that can be used to reach critical assets. 

Step 3 – Report and Act. With Risk Control, network security managers get immediate information on the most critical vulnerabilities and remediation alternatives. Connected to an automated ticketing system, Risk Control offers prioritized remediation options and tracks remediation progress.