Attack surface management
Growing complexity spurred by rapid technology expansion, network transformation, remote workers, and growing vulnerabilities, makes it challenging to get your arms around the entire attack surface.
As a part of the Skybox continuous exposure management platform, the attack surface management solution inventories assets, applications, and users, building a single dynamic topology map of the hybrid attack surface, and making it possible to instantly identify exposures.
New attack surface map
With Version 13.0, Skybox has created the industry’s most advanced visualization tool for mapping the hybrid attack surface, analyzing exposure, and prioritizing remediations.
The enhanced attack surface map enables customers to filter, and highlight specific areas of their infrastructure, zooming in on areas of interest or concern.
Customers can now group assets manually or automatically for enhanced readability and simplified presentation while a new search capability makes it easy to quickly locate an asset and view its properties and details, in the context of the overall attack surface.
Filter the hybrid network map
Enhanced attack path analysis
Skybox’s unique attack path analysis and attack simulation capabilities enable customers to plot the path an attacker could use to exploit a vulnerable asset, right down to the exact route across the network, the firewall device(s), configurations, and rules that would enable the attack.
With lateral attacks, supply chain partners, and even insider threats all critical factors in managing overall exposure, it’s becoming increasingly important to factor the probable threat origin into the attack path analysis, providing greater context and informing prioritization and mitigation decisions.
Version 13.0 now factors threat origin (Internet, Partner, Insider) into the analysis. Different threat origins have different likelihoods of occurring. For example, an Internet threat origin is more likely to occur than an insider threat origin. The likelihood of an attack is pre-calculated separately for each attack source (threat origin). The exposed threat module displays it on the details page for each vulnerability occurrence and per threat origin, further helping security teams to prioritize mitigations.
Unique attack path analysis and attack simulation capabilities enable customers to plot the path an attacker could use to exploit a vulnerable asset.
User & group discovery and visualization
Organizations can now view users and organizational groups in the context of the overall attack surface. Integration with LDAP directories such as Microsoft Active Directory, provides a direct insight into access and permission policy settings for users, organizational units, and computers.
Cloud infrastructure integration
Enhancing the platform’s support for hybrid and cloud infrastructure, Version 13.0 now provides a centralized view of specific cloud-related data, including AWS firewall rules and assets.
Access analyzer performance enhancements
With reductions in memory utilization by an average of 50% and average increases in performance of 80%, organizations can now more rapidly define and test paths between any source and destination, accelerating attack simulation projects.
Additional enhancements
The new version adds support for modeling Tenable Nessus 10.5.0, Qualys Global Asset View / Asset Management 2.8 and further enhances Rapid7, Prisma Cloud, Junos Netscreen, and Pulse Secure support.
Learn more about 13.0 features for vulnerability management:
Want more information?
Find technical documentation for the Skybox version 13.0 release on the Documentation Portal. As always, technical support is available via the Customer Community.
