Skybox Security’s New Release Features Improved Attack Path Analysis

Highlights:

• The release offers upgraded Attack Path Analysis, enabling users to assess lateral attacks, supply chain threats, and internal risks.
• The update incorporates improved Cloud Infrastructure Integration, designed to tackle the complexities of hybrid and cloud environments.

Skybox Security Inc., a provider of cybersecurity management platforms, has unveiled the next iteration of its Continuous Exposure Management Platform, which features improvements to its Attack Surface and Vulnerability Management solutions.

Version 13.0 of the Skybox Security platform includes an improved Attack Surface Management solution that, according to the company, provides a complete inventory and map of assets, applications, and users. It analyzes attack paths and simulates attacks to generate a dynamic model of the hybrid attack surface’s security.

The news release highlights a new Attack Surface Map that provides new methods to visualize, navigate, and interact with the map. Customers of Skybox Security can now filter and highlight specific portions of their infrastructure, with assets being grouped manually or automatically for improved comprehension. A refined search function expedites asset location and navigation.

Improved Attack Path Analysis in the new release enables users to comprehend the significance of lateral attacks, threats from supply chain partners, and inside threats. With the inclusion of the threat origin in version 13.0’s attack path analysis, businesses can better prioritize threats and decide how to mitigate them thanks to better risk context.

13.0 also includes lightweight directory access protocol integration, which enables organizations to model Group Policy Objects from LDAP directories such as Microsoft Active Directory seamlessly within the Skybox platform. The integration offers direct visibility into the security policy configurations for users, organizational entities, and computers.

To address the issues raised by hybrid and cloud infrastructures, the release includes improved Cloud Infrastructure Integration. Version 13.0 centralizes cloud-related data, including firewall assets and rules from Amazon Web Services Inc.

In order to help prioritize threats with exposure-based risk, the solution for Vulnerability Management now aggregates more than 25 external threat intelligence feeds in addition to its own Skybox Threat Intelligence feed.

Customers can now import vulnerability data to combine information from different sources within the platform to create a single solution for vulnerability management tasks. In this release, a new “Solutions View” is introduced to identify the crucial compensating controls tailored to particular business units or applications. Additionally, a group of targeted REST application programming interfaces enables Version 13.0’s seamless integration with Security Orchestration, Automation, and Response platforms.

Mordecai Rosen, Chief Executive, said ahead of the release, “In today’s complex threat landscape, organizations need to continuously manage their threat exposure based on the prioritized risks to their business. The Skybox platform now supports each stage of an enterprise’s continuous exposure management program, from mapping the attack surface, through contextualization and risk-based prioritization, to final remediation.”

A venture capital-backed startup, Skybox Security, most recently raised USD 50 million in funding in February. J.P. Morgan Chase and Co., CVC Capital Partners Growth Funds L.P., and Pantheon Ventures LLC are a few of the company’s investors.