|[March 13, 2014]
Skybox Security Introduces Vulnerability Center
SAN JOSE, Calif. --(Business Wire)--
Security, the leading provider of risk analytics for cyber security,
today launched the Skybox
Vulnerability Center, a free online resource for IT security
practitioners that includes access to the Skybox
Vulnerability Database, one of the most advanced vulnerability
databases in the industry. Users can search the Skybox Vulnerability
Database by vendor, category, severity, date, CVE number and more, and
drill down for special details on specified vulnerabilities.
A cornerstone element of the Skybox Vulnerability Center is the Skybox
Vulnerability Index, a measurement that indicates the scale and severity
of the vulnerability attack surface, or the sum of all cyber attack
vectors against a typical enterprise organization. The Skybox
Vulnerability Index is calculated daily from a summation of factors
assigned to every vulnerability in the Skybox Vulnerability Database,
which consolidates vulnerability data for more than 1,000 products used
extensively in enterprise network environments.
Fluctuation in the Skybox Vulnerability Index provides a signal of the
dynamic scope of the IT risk exposure that vulnerabilities pose to an
enterprise organization. Many organizations take months to completely
scan their infrastructure for vulnerabilities and perform remediation
tasks, leaving many vulnerabilities exposed for months at a time. The
Skybox Vulnerability Index is calculated over a rolling 90-day view of
reported vulnerabilities, corresponding to the risk level of an
organization with a vulnerability remediation cycle of 90 days.
"The Skybox Vulnerability Index enables organizations to understand how
the constant stream of reported vulnerabilities affects their attack
surface," said Gidi Cohen, CEO of Skybox Security. "Using our web
application, IT security professionals can customize the Skybox
Vulnerability Index, such as by vendor or by category, and remediation
window, to gain insight into the type and severity of vulnerabilities
that have been reported since their last vulnerability assessment cycle.
With this knowledge, security teams can orchestrate effective and
efficient vulnerability remediation efforts that dramatically reduce the
attack surface and quickly decrease overall risk."
According to a Skybox
Security survey, the vulnerability management cycle from
vulnerability assessment to remediation can range from as little as a
week or two in critical areas of the network, to months or longer.
Additionally, most organizations deploy a 'round robin' scanning
approach that assesses only a small portion of their infrastructure on
an infrequent basis, leaving a large window of risk exposure that is
wide open to data breaches and attacks.
Gartner (News - Alert) recommends reducing the attack surface to limit hackers,
according to the February 12, 2014, report, Designing
an Adaptive Security Architecture for Protection From Advanced Attacks.
"We believe the foundation of any information security protection
architecture should start by reducing the surface area of attack by
using a combination of techniques. These techniques limit a hacker's
ability to reach systems, find vulnerabilities to target and get malware
The Skybox Vulnerability Index shows that the vulnerability risk to
enterprises with 90-day or longer remediation cycles rose significantly
throughout 2012, then was at a fairly steady level in 2013. For the
first two months of 2014, the Skybox Vulnerability Index shows a marked
drop of about 40 percent year-over-year, indicating that organizations
may be able to make headway, at least temporarily, in reducing risk
levels through a vulnerability management system, until the exposure
will start rising again.
The Vulnerability Center and the Skybox Vulnerability Database web
application are now available online at www.vulnerabilitycenter.com.
About Skybox Security, Inc.
Security, Inc., provides the most powerful risk analytics for cyber
security, giving security management and operations the tools they need
to eliminate attack vectors and safeguard business data and services.
Skybox solutions provide a context-aware view of the network and risks
that drives effective�vulnerability�and�threat�management,�firewall
compliance monitoring. Organizations in�Financial
and Telecommunications rely on Skybox Security every day for automated,
integrated security management solutions that lower risk exposure and
optimize security management processes. For more information visit:�www.skyboxsecurity.com.
NOTE: Skybox® Security is a registered trademark of Skybox Security Inc.
All other registered and unregistered trademarks herein are the sole
property of their respective owners. Product specifications subject to
change at any time without prior notice.�© 2014 Skybox Security, Inc.
All rights reserved.
[ InfoTech Spotlight's Homepage ]