Find and Fix Today's Vulnerabilities Today

Skybox Vulnerability Control (formerly Risk Control)

Continuous vulnerability discovery, analysis, and remediation


How It Works

  • Incorporates vulnerability data from third-party scanners or with Skybox Vulnerability Detector
  • Simulate attack scenarios from multiple threats
  • Incorporate information on network security controls
  • Automated proposal of remediation alternatives
  • Generate tickets and workflows
  • Prioritize vulnerabilities based on exploitability and imposed risk
  • Identify riskiest vulnerabilities to fix immediately


Skybox Vulnerability Control (formerly Risk Control) is a next-generation approach to vulnerability management. Vulnerability Control's scanless vulnerability assessment technique discovers vulnerabilities daily, even on traditionally "un-scannable" devices. With total network visibility and continuous threat information, Vulnerability Control automatically analyzes business risk and prioritizes remediation activities within the context of your network, so you can take the best actions fast.


Vulnerability Assessment

  • No disruptive scanning required: Automatically and accurately generate vulnerability data without an active scan by analyzing data repositories including patch and asset management systems
  • Bring risk into view: Consolidates vulnerability data from multiple third-party scanners to gain an unparalleled view of network risk

Attack Simulation

  • Visualize threats from any origin: Discover all possible attack scenarios by all possible threats as they may impact business, even in the most complex networks where such manual analysis would not be efficient
  • Think like a hacker: Simulate attack scenarios to determine the impact of an attack from various threat origins and learn from your network how to better protect business-critical assets

Context-Aware Prioritization

  • Find vulnerability hot spots: Perform context-aware analysis to identify vulnerability concentrations and map them to business units or geographies, vendor platforms, security bulletins, and more
  • Determine access and impact: Identify attack vectors, taking into account network access paths, risk to valuable assets, and compensating security controls such as firewalls and IPS
  • Increase accuracy and efficiency: Eliminate unnecessary patching and quickly reduce the attack surface to lower risk as fast as possible

Actionable Remediation

  • Remediate in context: Remediate based on risk posed to your network instead of just severity ratings to focus resources on vulnerabilities with the most likelihood to occur and worst potential impact
  • Know your options: Receive prioritized remediation recommendations and track remediation progress to ensure efforts are on track until risks are neutralized


  • Discovery Center: See the initial vulnerability assessment process in one centralized view to quickly access vulnerability data from third-party scanners or Skybox’s scanless Vulnerability Detector
  • Analytics Center: Harness sophisticated risk analytics and the Skybox Vulnerability Database to eliminate irrelevant vulnerability data and create an accurate, prioritized picture of risk
  • Remediation Center: Resolve vulnerabilities fast with visualized tracking of remediation efforts in one dashboard