Skip to content
Skybox has ceased operations. Impacted customers have a path forward with Tufin’s ExpressPath Transition Program.
For Skybox vendors and contractors who are impacted, questions can be addressed to G2 Capital Advisors at glarocca@g2cap.com
Contact Sales
Solutions
Products
Resources
Services
Partners
Company
Back
Contact Sales
Return to

Skybox Research Lab

The Skybox Threat Intelligence Experts

At the forefront in analyzing the latest cyber vulnerabilities and threats for over a decade, the lab delivers comprehensive, actionable, and timely threat intelligence that powers Skybox’s Vulnerability and Threat Management solution, and enables our customers to discover, prioritize and remediate risks. Our team of analysts continuously monitors dozens of security sources, tracking and analyzing tens of thousands of vulnerabilities on thousands of products, along with the latest data on exploits and malware taking advantage of these vulnerabilities.

Learn more about the Skybox Research Lab

Articles by Skybox Research Lab

January 22, 2025
Ivanti Zero-Day Vulnerabilities: How to defend against CVE-2025-0282 and CVE-2025-0283

Ivanti identified two significant flaws impacting their Connect Secure, Policy Secure, and ZTA gateway products. Learn how you can mitigate your risk.
December 6, 2024
A decade old Cisco ASA Vulnerability under active exploitation: How to defend against CVE-2014-2120

A decade-old Cisco vulnerability in the Adaptive Security Appliance (ASA) Software is being exploited in the wild. Learn how you can better mitigate your risk.
November 26, 2024
Microsoft Zero-Days November Patch Tuesday Vulnerabilities: How to defend against CVE-2024-43451 and CVE-2024-49039

Two zero-day vulnerabilities have been found targeting Microsoft Windows and Windows Server products. Learn how to protect against these vulnerabilities.

October 16, 2024
Ivanti Zero-Day Vulnerabilities: How to defend against CVE-2024-9479, CVE-2024-9380, and CVE-2024-9381

Three new vulnerabilities in Ivanti Cloud Services Appliance (CSA) were exploited in a chained attack with a previously disclosed flaw. See how to reduce your risk.
September 10, 2024
Google Chrome Zero-Day Vulnerability: How to defend against CVE-2024-7971

An unauthenticated Type Confusion vulnerability, CVE-2024-7971, was found in Google Chrome's V8 JavaScript engine. Learn how to mitigate your risk if affected.
August 8, 2024
The Lasting Impact of the CrowdStrike Update Outage

In July 2024, millions of Windows users were locked out of their systems due to a flaw in a CrowdStrike update. Let’s examine the details of...
July 15, 2024
OpenSSH RegreSSHion Vulnerability: How to defend against CVE-2024-6387

An unauthenticated Remote Code Execution flaw, CVE-2024-6387, was found targeting OpenSSH's server (sshd). Learn how you can mitigate your risk.

June 1, 2024
Check Point Zero-Day Vulnerability: How to defend against CVE-2024-24919

A zero-day vulnerability, CVE-2024-24919, has been found targeting Check Point Network Security gateway products. Learn how to protect against this vulnerability.
April 26, 2024
Cisco ArcaneDoor vulnerabilities: How to defend against CVE-2024-20353, CVE-2024-20359

Two vulnerabilities, CVE-2024-20353 and CVE-2024-20359, were found targeting Cisco ASA and FTD. Learn how you can defend against these vulnerabilities.
March 27, 2024
JetBrains TeamCity vulnerability: How to defend against CVE-2024-27198, CVE-2024-27199

Two vulnerabilities, CVE-2024-27198 and CVE-2024-27199, were recently discovered on the JetBrains TeamCity CI/CD platform. Learn how you can reduce your risk.
February 27, 2024
Fortinet FortiOS vulnerability: How to defend against CVE-2024-21762

An out-of-bounds write vulnerability, CVE-2024-21762, was recently discovered in FortiOS and FortiProxy. Discover how to reduce your risk if affected.
January 29, 2024
Ivanti VPN vulnerability: How to defend against CVE-2023-46805, CVE-2024-21887

Two zero-day vulnerabilities, CVE-2023-46805 and CVE-2024-21887, were recently discovered on the Ivanti VPNs. Learn how you can mitigate your risk.

January 24, 2024
Three critical flaws with today’s vulnerability management solutions

More needs to be done to prevent vulnerability exploits.
January 18, 2024
What’s new with CVSS 4.0: Four thoughts on its impact on Vulnerability and Threat Management

Long overdue, the new CVSS 4.0 scoring model was released in November, 2023. Skybox participated in the development of the latest version. Here are our four...
January 10, 2024
Think like a cybercriminal to reduce cyber exposure

Known vulnerabilities and security gaps give adversaries easy access to your organization. Strengthen your security posture. Shut the door on cyber risk.

November 28, 2022
First cybersecurity solution that connects Vulnerability Management with Threat Hunting

Skybox maps vulnerabilities to malware by name, category, and distinct classes – ransomware, Remote Access Trojans, botnets, cryptocurrency miners, trojans, and more.

November 16, 2022
Cybersecurity product consolidation: Skybox customers save 50% by consolidating redundant or unnecessary tools

Forrester Study shows how Skybox customers decommission unnecessary vulnerability, firewall, network policy management, reporting, and analytics toolsets.
July 15, 2022
Endemic vulnerabilities: 3 ways to mitigate Log4j exposure

Overcome Log4j patching fatigue with threat intelligence and attack path analysis. Focus on top 1% of exposures and surgically prioritize risk reduction.

July 19, 2021
3 trends shaping security posture management for 2021

Explore emerging vulnerability and threat trends. Learn how to prioritize critical vulnerabilities, close the remediation gap, and validate security posture.