Skybox version 13.0 – vulnerability and security policy management enhancements

Skybox announces new consolidated vulnerability management capability and unique “solution views” for devolved security teams.

Skybox 13.0 is the latest version of the award-winning Skybox Continuous Exposure Management Platform, delivering:
  • Greater visibility across the attack surface
  • Reduced cyber risk and increased operational efficiencies
  • Enhancements to vulnerability and security policy management capabilities

Vulnerability management enhancements

2022 saw 25,000 new security vulnerabilities recorded, a 25% jump over the previous year and the trend shows no sign of slowing in 2023.

As a part of the Skybox continuous exposure management platform, the vulnerability management solution leverages an array of 3rd party threat intelligence sources, and the Skybox Threat Intelligence feed, enriching the attack surface map and providing a holistic view of vulnerability and threat exposure. Organizations can apply multi-factor risk assessment and prioritization, to focus resources on the most significant vulnerabilities.

Consolidated multi-source vulnerability data

With Version 13.0, customers can now import vulnerability data from any source with or without CVE data, retaining both the unique scanner ID and any associated custom attributes. This capability enables organizations to consolidate external vulnerability data into the management environment and provides a “one-stop shop” for a wide range of vulnerability management activities, from penetration testing projects to manual vulnerability control projects.

New business-focused “Solutions view”

Version 13.0 includes a new Solutions view that enables organizations to identify the most important compensating controls that can be applied to mitigate exposures, based on factors such as a particular business unit or application. For example, “Show me the top N solutions that most greatly reduce the risk to Windows Assets in Hong Kong without IPS?” Or “What are the top N solutions that most greatly reduce the risk to my Oracle application?”

The Solutions view helps maximize the effectiveness of the security team and is ideally suited to organizations with devolved security teams that need to make decisions about the mitigations that matter most to their specific part of the business.

Solutions Filtering based on Assets

Support for CISA KEV celebrity vulnerabilities

Version 13.0 enables customers to quickly identify and plan the remediation of celebrity vulnerabilities as defined by the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog.

This catalog maintains a list of celebrity vulnerabilities that cybercriminals have exploited in recent attacks. CISA strongly recommends all organizations review and monitor the KEV catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.

Version 13.0 sees the addition of a “CISA_KEV” setting within the Skybox vulnerability dictionary that enables customers to quickly identify the presence of celebrity vulnerabilities on assets, examine the extent to which those assets are exposed to attack, and plan remediations accordingly.

Identify "celebrity" vulnerabilities

SOAR integration

SOAR integration – Version 13.0 provides customers with a new set of SOAR-focused REST APIs they can use to integrate Skybox vulnerability and threat management data directly into their Security Orchestration, Automation, and Response (SOAR) platform, streamlining SOC investigation and remediation activity.

Security policy management updates

Version 13.0 sees numerous updates to security policy management including:

  • Access compliance: NIST 800-41 Access Policy – Updates to the out-of-the-box NIST 800-41 Access Policy, enabling customers to rapidly run compliance tests, identify violations, and proactively address them.
  • Change Manager: Application rules provisioning – the ability to take an application-centric approach to the design of change management workflows and processes.
  • Enhanced integration with Cisco ACI – including the Intra Tenant Common Contract, Inter Tenant Inter VRF Common Contract, and support for VMware vCenter integration.

Enhancements to Version 13.0 of Skybox Cloud Edition include:

  • New APAC data center – Customers can now choose to provision Skybox Cloud Edition from a new data center in Singapore, supporting the requirement to maintain data residency within the APAC region, enhance performance, and reduce the risk of latency between the server and the customer’s assets.
  • Managed SaaS Collector – Optimized service for collecting data from customers’ assets that are in the public cloud infrastructure, accelerating deployments, and reducing the on-premise hardware footprint.

Distribution media

In line with previously published plans to de-commission Skybox’s CentOS-based OS in June 2024, Version 13.0 sees the introduction of an Ubuntu ISO-based appliance. Initially, this will be deployed by the Skybox Professional Services team with a view to general availability in Q4 of this year.

Learn more about 13.0 features for attack surface management:

September 12, 2023

Skybox version 13.0 – new attack surface management enhancements

Discover what's new in the Skybox Security Version 13.0 release: advanced attack surface mapping and unique attack path analysis capabilities.

Want more information?

Find technical documentation for the Skybox version 13.0 release on the Documentation Portal. As always, technical support is available via the Customer Community.