What’s new in the Skybox Security version 12.0 release

Reduce cyber risk with Skybox Security Posture Management Platform 12.0. Skybox announces industry-first capability: association of vulnerabilities with malware families by name and type.

With Skybox version 12.0 you will gain:

  • Greater visibility across the attack surface
  • Operational efficiencies
  • Improved time to value

The Skybox network model is the most complete and accurate source to calculate risk and eliminate exposures. With Skybox Security Posture Management Platform release version 12.0, customers benefit from numerous enhancements detailed below.

New vulnerability and malware correlation

Skybox is the first vendor to associate software vulnerabilities to malware families by name and type in its platform. This new capability demonstrates how proactive vulnerability management can reduce the time and resources spent in reactive activities like threat hunting and triage. The prioritization/vulnerabilities views and remediation/vulnerabilities views have been enhanced to expose malware types such as botnets, cryptocurrency miners, and backdoor malware (trojans), and enumerate those malware variants by name.

New risk scoring algorithm for vulnerability control

We continue to enhance and optimize the risk- scoring algorithm that powers our award-winning Vulnerability Control solution, enabling users to identify, prioritize, and remediate the most harmful vulnerabilities in their organization. The new risk scoring algorithm ensures a gradual effect of vulnerabilities on asset risk score and a tighter correlation between vulnerabilities and asset risk score.

The new risk scoring methodology continues to support formula flexibility so that each organization can control which risk factors will be included in the risk formula, and the weight of each factor has in the formula. The new risk scoring takes into consideration exposure, exploitability, CVSS and asset importance.

Cloud modeling

Skybox pioneered network modeling almost 20 years ago and completely redefined the field of network visualization and analytics. Over the last decade, we have perfected the model by adding support for all the crazy stuff that can exist in modern networks such as transparent and cloud firewalls, asynchronous routing, multiple layers of address translation and port translation, dynamic routing, MPLS, public and private clouds, VPNs, etc. As a result, security teams have an interactive network model that can help them validate access, ensure configuration hygiene, automate operational workflows, and identify risks and exposure.

The 12.0 release includes enhanced modeling capabilities. This helps customers achieve better visibility, analytics, compliance, and automated workflows for managing public and private cloud environments as well as cloud firewall solutions.

  • Azure Cloud Services collection expanded to model virtual machine scale sets and ExpressRoute connections.
  • Google Cloud Platform (GCP) various enhancements, including location creation based GCP resource hierarchy, separate perimeter clouds to delineate each GCP project, shared VPC modeling, and reporting of vulnerabilities/inventory on GCP instances
  • NSX-T IPv6 – Support of IPv6 address collection, expanding flexibility and visibility for customers
  • VMware Cloud on AWS – various enhancements, including modeling of IPSec VPNs and connectivity to the connected VPC in the collection task
  • AWS – Support for staged firewall object for better scenario planning and what-if analyses
  • Zscaler – Support added for rule usage analysis, ensuring rule optimization capabilities can be applied uniformly to both on-premises and cloud firewalls

Independent collector updates

Support for independent Skybox Collector and changes to version numbering. We now support the release and updates of collectors independently of server and manager updates. The collectors will have their own installation files and version cadence. Until now, any update to the collectors required an update of the server as well.

We’re delivering significant operational efficiencies, better resource utilization, and improved time to value by decoupling collector updates from server updates. The new independent Skybox Collectors enable customers to benefit from collector enhancements made available on the server software branch without requiring a more complex server upgrade.

Change Manager APIs

A complete set of scalable, flexible, lightweight RESTful APIs are now available, enabling customers and partners to integrate third-party solutions with the Skybox platform easily and without friction, unlocking increased visibility and accelerating time to value.

Learn more about how the advanced capabilities of the Skybox Security Posture Management Platform can help you manage your specific environments:
For current customers:

Find technical documentation for the Skybox version 12.0 release on the Documentation Portal. As always, technical support is available via the Customer Community.