Minimize Risks Exposure with up-to-date intelligence and continous network visibility

Threat Manager


Assess and rank critical cyber threats
With numerous threat alert sources providing continuous vulnerability data on the latest threats to the
organization, IT security managers can easily become overwhelmed. To identify which threats will
have the most critical impact, security managers must be able to quickly normalize the incoming threat
feeds and prioritize them according to criticality while also creating a remediation plan. Skybox® Threat
easily manages threat workflow by continuously presenting the latest update of an alert,
highlighting matches in the system, and executing queries that automatically prioritize vital threats to the organization.

ThreatManager_Correlation Screenshot, Skybox View - Threat Manager

Business Benefits

  • Assess threats across the entire organization
  • Manage threats correctly with integrated remediation workflow and ticketing
  • Dramatically reduces man-hours spent manually prioritizing critical threats

Technical Benefits

  • Consistent, normalized view of all incoming threat alerts and bulletins
  • Prioritize vulnerabilities by criticality with automated threat ranking system
  • Keep executives and operations updated with threat reports
  • Track threat changes by phases to ensure compliance

Classic features

  • Normalized and centralized threat alert and bulletin repository
  • Flexible and custom threat ranking based on product and technology repositories, alert properties, host and vulnerability instances
  • Threat lifecycle workflow, tailored for each specific environment
  • Recommended remediation for each threat and automated tracking of remediation status
  • Built-in ticketing system that integrates with an organization’s helpdesk console and ticketing systems
  • Executive and operations reporting

Skybox exclusive

  • Fully customizable view and SLA for what should be reviewed and for how long
  • Centralized view of all threats eliminates need to review multiple emails to obtain data
  • Vulnerability analysis provides impact analysis aligned with CVSS
  • Automated IT vulnerability threat management and prioritization
  • Supports third party feeds: Symantec DeepSight, VeriSign iDefense
  • Supports most major information sources and devices: AlterPoint, BigFix, Check Point, Cisco, eEye, HP, ISS, Juniper, McAfee, nCircle, Nessus, Nortel, Opsware, Qualys, Symantec

With hundreds of threats alerts coming in each week, this organization needed a better way to efficiently collect, analyze and plan each remediation and keep the organization free from risk exposures. Skybox Threat Manager in conjunction with Skybox Risk Control allowed the organization to automatically collect and normalize threat feeds into one central view and prioritize those threats according to their impact on the organization, thereby dramatically reducing their window of risk exposure.

  • Identify the most critical threats to the organization in a matter of minutes
  • Streamline remediation process by automating ticket creation
  • In-depth reports keep executives and staff on the same page

Step 1 Collect. Skybox Threat Manager automatically collects data from threat feeds and bulletins from the Skybox Vulnerability Dictionary, third party feeds (such as Symantec DeepSight and VeriSign iDefense) and normalizes them into a consistent view.

Step 2 Analyze. The Threat Manager analyzes the normalized data to prioritize threats based on relevance and criticality to the organization. Remediation recommendations are generated and tickets can be issued automatically.

Step 3Report and Act. With Threat Manager, IT security managers receive the latest information on critical threats and vulnerabilities. With an integrated ticketing system, Threat Manager simplifies the remediation tracking process. Executive reports provide the status of each remediation action and overall vulnerability status of the entire organization.