Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites.
Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. For avoidance of any doubts and to make it easier, you may consider any links to external websites as sponsored links. Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

SKYBOX SECURITY ANNOUNCES THREAT–CENTRIC VULNERABILITY MANAGEMENT FOR VIRTUAL AND CLOUD NETWORKS

Expands solutions to ease day–to–day security management across all networks in one platform

Skyboxä Security, a global leader in cybersecurity management, continues to expand its cloud security management solution, Skybox for the Cloud™. The solution now includes threat–centric vulnerability management (TCVM) for virtual and multi–cloud environments and extends capabilities for security policy management, attack surface visibility and network path analysis. With one platform, the Skybox™ Security Suite, organizations are now able to consistently and securely manage day–to–day security processes across their entire network infrastructure, whether on premises or in the cloud.

As businesses continue to migrate to virtual and cloud environments, security becomes more complicated due to the nature of cloud architecture, from multi–tenancy to elasticity and the shared responsibility for the computing stack. For example, security mechanisms in virtual and cloud networks are different from physical environments, and even differ between cloud service providers. In addition, cloud elasticity means virtual machines are quickly spun up and down, making traditional vulnerability scanning insufficient as the environment may change significantly between scans.

To counteract these challenges and reduce the chance of human error, Skybox helps automate security processes not only in virtual and cloud environments, but across all networks within a single, unified dashboard.

“IT teams are tasked with launching new services and applications on a daily basis. By leveraging cloud architecture, they can achieve that in minutes — opposed to days of work,” said Skybox VP of Products Ravid Circus. “The challenge is that this leads to a fluid security situation where assets (virtual machines) can be assigned to the wrong security group, resulting in immediate exposure. Security teams need to be on top of this, and the only way to do it is have global visibility and management across all your networks.”

Whether an organization’s network infrastructure is physical, virtual, cloud or a hybrid of all three, Skybox for the Cloud addresses a number of use cases in the following areas:

  • Comprehensive visibility of the attack surface in a single network model, capable of incorporating data from 120+ security and networking technologies
  • End–to–end path analysis from any source to any destination across or within physical, virtual and multi–cloud networks, including detailed path analysis on the devices, rules, etc., along the path
  • Unified security policy management across all networks, including out–of–the–box compliance checks for key industry regulations such as NIST and PCI DSS
  • Vulnerability discovery, prioritization and remediation planning with the context of an organization’s on–prem and multi–cloud networks; this information is correlated to current threat intelligence of exploits in the wild

As cyber events like the Equifax breach (caused by the Apache Struts vulnerability) continue to increase, it’s obvious that organizations are struggling to quickly identify and effectively remediate vulnerabilities in their systems. This challenge can be compounded by the nature of cloud environments and even procedural requirements from service providers that impact third–party scans.

Skybox for the Cloud gives security teams the power to assess vulnerabilities in the cloud on demand by combining data from cloud–based patch and asset management systems, scanners and network devices. The results are analyzed and prioritized using the TCVM approach, taking into account:

  • The vulnerabilities on the virtual machine and its importance to the organization
  • The virtual machine’s exposure based on the hybrid network topology and security controls in place
  • Threat intelligence on available and active exploits in the wild

TCVM also gives prescriptive guidance of what action can be taken to prevent exploitation and how urgently that action should be performed.