rsa 2014: skybox security risk analytics overview
DESCRIPTION
Skybox is a Risk Analytics brain for security management We provide visibility, intelligence and control to help you manage firewalls and changes, minimize vulnerabilities, and deal with threats --- on one common platform With Skybox, you can visualize your network, prioritize risks in minutes, find attack vectors, and save time through security automation. We help you Take Action Fast! How do we do this? Let’s show you how…TRANSCRIPT
Skybox Security:
Take Charge of Risk!
© 2014 Skybox Security Inc. 2
Security Leaders Choose Skybox
Service
Providers
Energy &
Utilities
Gov &
Defense
Others
Financial
Services
6 OF THE TOP 10 GLOBAL BANKS
6 OF THE TOP 10 NATO COUNTRIES
© 2014 Skybox Security Inc. 3
Security Management Challenges
Firewall & Change
Management
Vulnerability
Management
Threat
Response
Problem: “Swivel chair integration”
No
Network
Context
Slow to
respond
Too
much data
© 2014 Skybox Security Inc. 4
Skybox: Visibility, Intelligence, Control
FIREWALL &
CHANGE
MANAGEMENT
VULNERABILITY
MANAGEMENT
THREAT
RESPONSE
Automate
security
tasks
Prioritize
critical
risks Identify
attack
vectors
Visualize
network
security
TAKE ACTION FAST!
© 2014 Skybox Security Inc. 5
Skybox Builds a Model of the Network
Threats Routing Vulns Layer 3 Assets Log Data Policies
© 2014 Skybox Security Inc. 6
Comprehensive Network Context
6
√ All and more integrated with Skybox
© 2014 Skybox Security Inc. 7
Analytics Find the Real Risks, Fast
Internet Hacker
Compromised Partner
Rogue Admin Vulnerabilities CVE 2013-0640
CVE 2012-1895
CVE 2013-0093
Attack Simulation
© 2014 Skybox Security Inc. 8
Monitor Compliance
Model Network
Network Security Management
with Skybox
Understand network context
Analyze Firewalls
Manage Changes
Rule and configuration checks
Access path analysis
Optimize rules
Track changes
Automatic audits
PCI DSS, FISMA, NERC, NIST…
Custom Policies
Automate assessments
Verify controls continuously
Optimize change process
Change Request
Tech Details
Assess Risks
Make Change
Reconcile Verify
Network topology view
Normalize data from 80+ systems
Access simulation
© 2014 Skybox Security Inc. 9
Prioritize Discover
Up-to-date, less disruption
Analyze Remediate and Track
Scanless vulnerability detection
Import 3rd party VA scans
Threat intel
Vulnerability hot spots
Attack simulation
Network context
Business impact
Risk exposure
Geo or technology
Attack vectors
Heat maps
Find areas of greatest impact
Reduce risk exposure
Manage effectively
Vulnerability and Threat Management
with Skybox
Remediation planning
Ticketing and workflow
Dashboards and reporting
© 2014 Skybox Security Inc. 10
Success Stories
Reinventing Security Management
Vulnerability Management – Accurate and Fast
Network Security – Continuous Compliance
From once a month scanning to continuous
view of vulnerabilities
False positives rate dropped from 20%+ to <1%
Reduced incident response from weeks to hours!
Now able to easily manage 1000 firewalls, 40,000 rules
Daily compliance with ISO27001, SOX
From weeks to analyze, to security diagnosis in minutes
© 2014 Skybox Security Inc. 11
Take Charge, Take Control of Risk!
TRADITIONAL TOOLS SKYBOX SECURITY
Vulnerability Management Comparison
© 2014 Skybox Security Inc. 12
Thank you
www.skyboxsecurity.com
Make sure you are registered to WIN an
e-Zip E750 Electric Scooter