Skybox Version 13.2 – anticipate the future exploitability of vulnerabilities

This new version enhances vulnerability prioritization with insights into the probability that a vulnerability will be exploited in the future and includes new attack surface management features and improved firewall optimization capabilities.

Skybox 13.2 is the latest version of the award-winning Skybox Continuous Exposure Management Platform, delivering:
  • Improved vulnerability prioritization, informed by the probability of future exploit.
  • Greater visibility of the attack surface with new application views.
  • Support for Prisma Cloud, enhanced firewall rule usage analysis, and much more.

Anticipate future risk

When it comes to assessing the risk posed by a vulnerability, Skybox has long provided the most sophisticated multi-factor risk prioritization on the market. Skybox combines CVSS severity score, and evidence of exploitability in the wild, with customer-specific factors, such as the business impact on an asset and the extent to which the asset is exposed to being exploited across the network. This combination makes it possible for customers to prioritize those vulnerabilities for remediation that matter most to their unique circumstances.

With Skybox Version 13.2, this vulnerability prioritization capability has been further strengthened by including the Exploit Prediction Scoring System (EPSS) in the calculation.

EPSS is a metric that estimates the chances of exploitation of a disclosed CVE entry. Unlike the CVSS score, which examines the core characteristics of a vulnerability and provides a measure of severity, the EPSS score helps customers understand future risk by providing a calculation of the probability that a vulnerability will be exploited in the wild by a threat actor over a specified time interval.

Calculate the probability that a vulnerability will be exploited in the future in your organization

By forecasting the probability of a future exploit, prioritization is more precise, focusing teams on vulnerabilities that pose the highest risk. This capability is automatically provided as a part of the daily update for all CVEs in the Skybox threat intelligence feed.

Get visibility of the application landscape

Also new in 13.2, Skybox has enhanced Model Explorer to provide discovery and visibility of the applications in use in the organization. A new Applications & Services module within Model Explorer allows the user to visualize all discovered applications, along with their relevant assets and utilized network services.

Understand how applications interact with assets and network services

The result is a comprehensive view of an organization’s application landscape and the ability to understand precisely how different applications interact with various assets and network services. For example, if an operating system vendor announces that everyone using a particular version of the operating system must upgrade to the latest version because of a security problem, the security engineer can see all the assets using the particular operating system version and advise the asset owners to upgrade immediately.

Identify misconfigurations in cloud-native infrastructure

In Version 13.2, customers can now use Skybox Vulnerability Control to incorporate misconfiguration alerts generated by Palo Alto Prisma Cloud into the overall vulnerability management program. With this capability, customers can now use Skybox to consolidate their IT, OT, and cloud vulnerability management initiatives into a single solution.

Support for misconfiguration alerts from Prisma Cloud enables accurate asset risk scoring and prioritization for infrastructure, workloads, and applications across the cloud-native technology stack.

Get enhanced usability and superior performance

In this version, Skybox has enhanced the usability and performance of rule usage analysis, making it easier to validate rule additions and modifications, identify and remove unused policies, and refine overly permissive rules.

Analyze rule usage for optimum performance

This version also sees the continuing development of the Change Manager user interface, ensuring more features can be accessed easily via the standard Skybox browser interface.

There are a host of user-experience enhancements to make it easier to navigate the network map and explore the attack surface, including the ability to create and manage map groups, manage map group members, and move assets and networks within groups.

Create and manage map groups

Checkpoint’s externally managed gateway capability allows users to incorporate non-Checkpoint devices, such as other vendors’ firewalls or routers, into their secure VPN networks. With this version, Skybox can now model and analyze Checkpoint VPN networks that include these externally managed devices, providing greater visibility into the customer’s network topology and enhancing security awareness and compliance analysis.

Learn more

Skybox Version 13.2 contains over 40 new enhancements across the Skybox platform, from the underlying ecosystem, to the Web GUI, and in each of the main product modules. Details of these enhancements are contained in the 13.2 Release Notes, available via the Skybox Customer Portal, and Partner Portal.

Learn more about how Skybox protects your data, reputation, assets, and future: