Session Border Controller Industry News

TMCNet: Skybox Security Introduces Next-Generation Vulnerability Management Solution

[July 17, 2012]

Skybox Security Introduces Next-Generation Vulnerability Management Solution

SAN JOSE, Calif. --(Business Wire)--

Skybox® Security, the leading vendor of proactive security risk management solutions, today announced a 'next-generation' solution for vulnerability management that detects network vulnerabilities in an automated and non-disruptive manner, without an active scan, as well as security metrics to measure the magnitude of the attack surface and track effectiveness of remediation tasks. The new technologies are embedded in Skybox Risk Control 6.5, the first integrated vulnerability management solution that combines the capabilities to discover vulnerabilities, prioritize risk automatically, and drive remediation activities.

Vulnerability scanners have been the primary tool to identify network vulnerabilities for the past 15 years. However, a June 2012 Skybox Security survey of enterprise Vulnerability Management practices revealed that enterprises don't scan as often as they would like, due to potential network disruptions, non-scannable hosts, and a lack of resources to analyze vulnerability data or apply patches more frequently.

"Enterprises rely heavily on active vulnerability scanning as the primary way to determine and minimize the risk presented by vulnerabilities in the IT infrastructure," said Gidi Cohen, CEO at Skybox Security. "Unfortunately most enterprises respond to scanning headaches by adopting a 'round robin' scanning approach that assesses only a small portion of their infrastructure on an infrequent basis. This may lead to fewer disruptions, but leaves a large window of risk exposure that is wide open to data breaches and attacks."

Available in September 2012, Skybox Risk Control 6.5 with Vulnerability Detector consolidates data from multiple sources, including Microsoft (News - Alert) Active Directory, Microsoft System Center Configuration Manager (SCCM), Windows Server Update Services (WSUS), and more. Using Skybox's patent-pending Rule-driven Profiling technology, Vulnerability Detector derives an accurate list of vulnerabilities without actively probing network hosts.

"We have been using the Skybox solution to identify vulnerabilities directly from Microsoft WSUS dta without a scan, and then prioritize vulnerabilities and critical patches. We are pleased that this capability has been integrated into the Skybox Risk Control 6.5 product," said Alejandro Villar, CISO at Repsol, a Spanish oil and gas company.


This scanless discovery approach can be used independently or in concert with a traditional vulnerability scanner. When used together, Risk Control augments weekly or monthly active scans with continuous updates from Vulnerability Detector for highly accurate and up-to-date security intelligence.

Skybox Risk Control 6.5 also minimizes the security analyst time required to evaluate vulnerabilities and plan remediation steps. Attack Simulation performs a virtual 'penetration test' in minutes to find all vulnerabilities that can be exploited, taking into account all possible attack vectors, available vulnerabilities, network topology, security controls, and the value of assets. Remediation suggestions are generated automatically, and security managers can track operational response with new endpoint security KPIs (Key Performance Indicators).

"Attackers are becoming increasingly sophisticated, improving their ability to find and exploit security weaknesses quickly within an organization's network," said Anton Chuvakin, research director at Gartner (News - Alert). "Vulnerability assessment technology is an integral component of an organization's security infrastructure and if used properly and frequently can help mitigate critical vulnerabilities ahead of an attack."

Key benefits of Skybox Risk Control 6.5:

  • Performs non-intrusive vulnerability detection - uses system configuration repositories and rule-driven profiler to derive vulnerability data without an active scan, so enterprise risk is not dependent on infrequent "scan windows"
  • Provides daily assessment of vulnerabilities - continuous assessments and visibility requires less management time and delivers greater network coverage
  • Reduces risk exposure - up-to-date information from highly accurate data sources shrinks risk exposure levels by shortening the time between identification of a vulnerability to remediation
  • Integrates vulnerability management processes - links assessment, risk and exposure analysis, prioritization and remediation
  • Easy to deploy and manage - connect to one or a few available data repositories, eliminating the need to touch every endpoint

For more information on Risk Control 6.5 and all of the Skybox Security solutions visit www.skyboxsecurity.com.

About Skybox Security, Inc.

Skybox Security, Inc. is the leader in proactive security risk management solutions, providing automated, non-intrusive tools that detect, prioritize, and drive remediation of critical risks such as exposed vulnerabilities and firewall configuration errors. Skybox solutions prevent potential cyber attacks and data breaches by providing IT decision makers with continuous network visibility and sophisticated security analytics. Organizations in Financial Services, Government, Energy, Defense, Retail, and Telecommunications rely on Skybox Security solutions daily to reduce risk exposure, implement secure change management processes, and achieve continuous compliance. For more information visit www.skyboxsecurity.com.

NOTE: Skybox® Security is a registered trademark of Skybox Security Inc. All other registered and unregistered trademarks herein are the sole property of their respective owners. Product specifications subject to change at any time without prior notice. © 2012 Skybox Security, Inc. All rights reserved.


[ Back To Session Border Controller Homepage's Homepage ]

Solution Corner

The Sonus SBC 1000
Sonus now brings session border controller (SBC) SIP communication capability to the enterprise branch and small and medium businesses. To further address deployment needs Sonus has also enabled branch survivability, Microsoft Lync primary / back-up server, and integrated analog ports all within the ... Learn More »

Featured Whitepapers

Session Border Controller - Cable Communications Company & Sonus Centralized Policy Server
Cable Communications Company & Sonus Centralized Policy Server
This Sonus customer is a cable multiple system operator responsible for operating a competitive cable TV, Internet and telephone service business in more than 20 independent markets throughout the United States. As a result of the Telecommunications Act of 1996, which unleashed unprecedented competition in local telephone service, the customer initiated a communications service architecture that addressed ...
Session Border Controller - A Seamless Migration from WiMAX to LTE Using the Sonus SIP Core Network
A Seamless Migration from WiMAX to LTE Using the Sonus SIP Core Network
Today, as the industry shifts its attention to LTE and Voice over LTE (VoLTE) networks, early WiMAX adopters are looking to migrate their network strategy away from the WiMAX model to the more broadly adopted LTE model.

Featured Datasheets

Session Border Controller - The Sonus VX1800 Voice Exchange
The Sonus VX1800 Voice Exchange
Traditional Enterprise communications are silos with multiple networks with their own dedicated platforms, protocols, and devices. Additionally, organizations may have diverse systems leading to large and complex networks.
Session Border Controller - The Sonus VX Series - Billing Integration System
The Sonus VX Series - Billing Integration System
The Sonus VX Series - Billing Integration System VXgate performs real-time transaction processing between VX Series gateways and backoffice billing systems. VX Series's high avaiability architecture extends to the VXgate application.

Featured Brochures

Session Border Controller - The Sonus VX Series - Billing Integration System
The Evolution of Session Border Control
Session Border Controllers have come a long way since they were first conceived in the early 2000s as a simple, security-focused element. As service providers and enterprises began deploying more advanced real-time applications over IP-including Unified Communications, video, instant messaging, and conferencing-the burden on SBCs grew in step.
Session Border Controller - The Sonus VX1800 Voice Exchange
Sonus SBC 1000 and SBC 2000 Remote Configuration Services
The Sonus SBC 1000 and SBC 2000 session border controllers are designed for enterprises and managed service providers that require a small- to mid-sized SBC. These SBCs deliver enterprise-grade features, easy integration with Microsoft Lync and support for both TDM and IP trunks, which allows the SBC 1000/2000 to function as a Survivable Branch Appliance.
Session Border Controller - The Sonus VX Series - Billing Integration System
The ABCs of PCI DSS + VoIP
As the boundaries between VoIP and IP-based data networks continue to blur, enterprises would be wise to apply the same levels of network security across all entrypoints. Session border controllers are designed to protect VoIP network borders from unauthorized entry, but not all SBCs are created equal in terms of security features and functionality.