Telecom Signaling Industry News

TMCNet:  Skybox Security Introduces Next-Generation Vulnerability Management Solution

[July 17, 2012]

Skybox Security Introduces Next-Generation Vulnerability Management Solution

SAN JOSE, Calif. --(Business Wire)--

Skybox® Security, the leading vendor of proactive security risk management solutions, today announced a 'next-generation' solution for vulnerability management that detects network vulnerabilities in an automated and non-disruptive manner, without an active scan, as well as security metrics to measure the magnitude of the attack surface and track effectiveness of remediation tasks. The new technologies are embedded in Skybox Risk Control 6.5, the first integrated vulnerability management solution that combines the capabilities to discover vulnerabilities, prioritize risk automatically, and drive remediation activities.

Vulnerability scanners have been the primary tool to identify network vulnerabilities for the past 15 years. However, a June 2012 Skybox Security survey of enterprise Vulnerability Management practices revealed that enterprises don't scan as often as they would like, due to potential network disruptions, non-scannable hosts, and a lack of resources to analyze vulnerability data or apply patches more frequently.

"Enterprises rely heavily on active vulnerability scanning as the primary way to determine and minimize the risk presented by vulnerabilities in the IT infrastructure," said Gidi Cohen, CEO at Skybox Security. "Unfortunately most enterprises respond to scanning headaches by adopting a 'round robin' scanning approach that assesses only a small portion of their infrastructure on an infrequent basis. This may lead to fewer disruptions, but leaves a large window of risk exposure that is wide open to data breaches and attacks."

Available in September 2012, Skybox Risk Control 6.5 with Vulnerability Detector consolidates data from multiple sources, including Microsoft (News - Alert) Active Directory, Microsoft System Center Configuration Manager (SCCM), Windows Server Update Services (WSUS), and more. Using Skybox's patent-pending Rule-driven Profiling technology, Vulnerability Detector derives an accurate list of vulnerabilities without actively probing network hosts.

"We have been using the Skybox solution to identify vulnerabilities directly from Microsoft WSUS dta without a scan, and then prioritize vulnerabilities and critical patches. We are pleased that this capability has been integrated into the Skybox Risk Control 6.5 product," said Alejandro Villar, CISO at Repsol, a Spanish oil and gas company.

This scanless discovery approach can be used independently or in concert with a traditional vulnerability scanner. When used together, Risk Control augments weekly or monthly active scans with continuous updates from Vulnerability Detector for highly accurate and up-to-date security intelligence.

Skybox Risk Control 6.5 also minimizes the security analyst time required to evaluate vulnerabilities and plan remediation steps. Attack Simulation performs a virtual 'penetration test' in minutes to find all vulnerabilities that can be exploited, taking into account all possible attack vectors, available vulnerabilities, network topology, security controls, and the value of assets. Remediation suggestions are generated automatically, and security managers can track operational response with new endpoint security KPIs (Key Performance Indicators).

"Attackers are becoming increasingly sophisticated, improving their ability to find and exploit security weaknesses quickly within an organization's network," said Anton Chuvakin, research director at Gartner (News - Alert). "Vulnerability assessment technology is an integral component of an organization's security infrastructure and if used properly and frequently can help mitigate critical vulnerabilities ahead of an attack."

Key benefits of Skybox Risk Control 6.5:

  • Performs non-intrusive vulnerability detection - uses system configuration repositories and rule-driven profiler to derive vulnerability data without an active scan, so enterprise risk is not dependent on infrequent "scan windows"
  • Provides daily assessment of vulnerabilities - continuous assessments and visibility requires less management time and delivers greater network coverage
  • Reduces risk exposure - up-to-date information from highly accurate data sources shrinks risk exposure levels by shortening the time between identification of a vulnerability to remediation
  • Integrates vulnerability management processes - links assessment, risk and exposure analysis, prioritization and remediation
  • Easy to deploy and manage - connect to one or a few available data repositories, eliminating the need to touch every endpoint

For more information on Risk Control 6.5 and all of the Skybox Security solutions visit

About Skybox Security, Inc.

Skybox Security, Inc. is the leader in proactive security risk management solutions, providing automated, non-intrusive tools that detect, prioritize, and drive remediation of critical risks such as exposed vulnerabilities and firewall configuration errors. Skybox solutions prevent potential cyber attacks and data breaches by providing IT decision makers with continuous network visibility and sophisticated security analytics. Organizations in Financial Services, Government, Energy, Defense, Retail, and Telecommunications rely on Skybox Security solutions daily to reduce risk exposure, implement secure change management processes, and achieve continuous compliance. For more information visit

NOTE: Skybox® Security is a registered trademark of Skybox Security Inc. All other registered and unregistered trademarks herein are the sole property of their respective owners. Product specifications subject to change at any time without prior notice. © 2012 Skybox Security, Inc. All rights reserved.

[ Back To Telecom Signaling's Homepage ]

Featured Events

5G NA Signaling Day

November 14-16, 2016
Sheraton Dallas, Dallas, TX

Featured Webcasts

Securing The Signaling Interconnect: Oracle's Perspective On Recent Security Events

Today's telecommunications landscape is changing rapidly, and the "institution" of trust between networks that has been assumed over the decades is no longer relevant. We are now hearing of vulnerabilities in CSP interconnection points that have been known ...

Applications of Wi-Fi Calling

With all of the discussion about faster data access and richer content, it could be assumed that voice services no longer play an important role in the business model of the communications service provider. Join ReThink Technologies Research and Oracle Communications as we explore ...

Featured Whitepapers

Oracle Communications Diameter Signaling Router Main Differentiators

Diameter is the protocol used by network elements in LTE and 3G networks to enable and monetize services, such as voice, video and data. Diameter enables revenue-generating data services; including tiered data plans, loyalty programs, application specific QoS, content provider and Internet of Things (IoT) solutions ...

Multi-Layer Security Protection for Signaling Networks

The sanctity of mobile operators' networks and brands will depend greatly on their ability to deliver QoS guarantees to roaming and interconnect partners, while simultaneously protecting increasingly multimedia-savvy and socially connected ...

Featured Datasheets

Oracle Communications Diameter Signaling Router

Centralizing Diameter routing with cloud deployable Oracle Communications Diameter Signaling Router creates a secure signaling architecture that reduces the cost and complexity of the core network and enables elastic growth, interoperability and rapid introduction ...

Oracle Communications Mobile Security Gateway

The Oracle Communications Mobile Security Gateway is a high performance gateway that allows the Communications Service Provider (CSP) to cost effectively expand network coverage and increase capacity by incorporating Heterogeneous ...

Oracle Communications Evolved Communications Application Server

As service providers drive their networks toward an all-IP and virtualized state, they require the means to design and deliver compelling high definition voice, video and multimedia offers via Voice over LTE (VoLTE) and Voice over WiFi (VoWiFi) ...

Featured Infographic