SlideShare a Scribd company logo

Skybox security

Download as PPTX, PDF
Alejandro Cadarso
Alejandro Cadarso

Tech overview

Internet
1 of 46
Skybox Security Overview
2 Model the Attack Surface DMZ Security Controls Network Topology Assets Vulnerabilities Threats
3 Who We Are Silicon Valley HQ Offices around the globe Fastest–growing company in our space $270M funding since February 2016 5–star reviews Vulnerability/Threat Management Risk/Policy Management 700+ active customers 50 countries, all verticals
4 Who Relies on Us Financial Services Service Providers Government & Defense Energy & Utilities Technology & Manufacturing Healthcare Consumer
5 Why We’re Needed Limited visibility Non–actionable intelligence and data silos Lack of resources 97% of breaches are avoidable through standard controls
6 Why We’re Needed Unparalleled visibility and comprehensive network modeling Integration with existing technologies and added intelligence Intelligent automation and orchestration Skybox helps bridge the security management gap
7 Improve Existing Resources 120+ technology integrations Cloud/ Virtual Endpoint Security Vulnerability Management, SIEM Firewall/Network Security & Infrastructure
8 Skybox Security Suite Attack Surface Visualization • Total visibility of the attack surface – Physical, virtual, cloud and OT environments – Vulnerabilities and threats • Measurable risk reduction • Improved communication across teams and up management chain Integrated Security Management
9 Skybox Security Suite Security Policy Management • Easy, efficient compliance reporting • Intelligent workflows and automation • Proactive risk assessments of security and network changes Integrated Security Management
10 Skybox Security Suite Vulnerability and Threat Management • Vulnerability prioritization aligned to the current threat landscape • Exposed and exploited vulnerabilities highlighted • Resources directed where they’re needed most Integrated Security Management
11 Skybox Security Intelligence Feed Exploits in the wild Vulnerabilities used in ransomware, exploit kits, etc. Attack vector details 700,000+ sites in the dark web 30+ security data feeds Skybox Research Lab
12 Security Policy Management • Network topology view • Normalized data from 120+ technologies • Physical, virtual, cloud and industrial • Access simulation • Cloud security tags • Firewalls • Rule and configuration checks • Network path analysis • Rule optimization • Change tracking • Automated audits • PCI DSS • FISMA • NERC • NIST • GDPR • Custom policies • Change request • Tech details • Risk assessment • Provisioning options • Reconciliation and verification Model Network Change Management Monitor Compliance Understand Network Context Confirm Effective Controls Document Compliance Continuously Verify Rulebase Analyze Security Controls
13 Vulnerability and Threat Management • Scanless vulnerability detection (physical/cloud) • Support for all third- party VA scanners • Threat-centric vulnerability management • Hot spot analysis • Attack simulation • Business impact • Network topology and compensating controls • Threat context • Imminent threats (exposed/active exploit) • Potential threats (known/available exploit) • Attack vector details • Remediation planning • Ticketing and workflow • Dashboards and reporting Same-Day Identification Highlight Assets at Risk Focus on Areas of Greatest Impact Respond Quickly Prioritize Response Discover Vulnerabilities Analyze Attack Surface Remediate & Track
14 Firewall Assurance Comprehensive Multi-Vendor Firewall Management 1 Collect & Normalize 2 Analyze 3 Report & Act Firewall Security Assessment How It Works Continuous Policy Compliance Firewall Rule Life Cycle Management
15 5 Verify 1 Request 4 Implement 3 Assess Change Manager Secure, Automated Firewall Change Management Change Management Automation How It Works Automated Risk Assessment Rule Recertification Workflow ! Identify 2
16 Network Assurance Complete Visibility and Command of Hybrid Network Access and Routes 3 Analyze in Context 2 Create a Model 1 Collect & Normalize Network Model How It Works Security Analytics Network Compliance Verification
17 Vulnerability Control Threat-Centric Vulnerability Management Scanless Assessments How It Works Network + Threat Context Exposed and Exploited Vulns 1 Assess 2 Analyze 3 Prioritize 4 Remediate 1 2 3
18 1 Collect & Normalize Threat Manager Threat Intelligence Analysis and Response Consolidated Threat Intelligence How It Works Contextual Threat Assessment Focused Threat Response 2 Check Relevancy 3 Track Remediation
19 March April May June Current Last 4 Months Visualize Your Entire Attack Surface From Multiple Perspectives Unsecure Device Configuration Exploitable Vulnerabilities Risky Access Rules Exploited in the Wild Vulnerabilities US 311 Assets 5 Firewalls Site Details Vulnerability Exposure Unsecure Device Configuration (Total: 72) Name: UDP reply packets – filtered Policy: Checkpoint FW Standard Policy #Violations: 1 Name: Encrypted Line Password - required Policy: Cisco IOS RTR Standard Policy #Violations: 1 Name: IP source routing - prohibited Policy: Cisco IOS RTR Standard Policy #Violations: 1 Name: Password Encryption Service - required Policy: Cisco IOS RTR Standard Policy #Violations: 1 Name: SNMPv3 Group - required Policy: Cisco IOS RTR Standard Policy #Violations: 1
20 Skybox Horizon Attack Surface Visualization Unsecure Device Configuration Misconfiguration enables the continuation and spread of attack Risky Access Rule Allows inbound access from DMZ to deeper in network Exploited in the Wild Vulnerability Vulnerability with available and active exploit is attacked
21 Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Vulnerability Intelligence Main Router Backbone Core Router GatewayEastA IPS Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Main Router Backbone Core Router GatewayEastA IPS Threat-Centric Vulnerability Management Vulnerabilities + Exploits in the Wild
22 Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Vulnerability Intelligence Main Router Backbone Core Router GatewayEastA IPS Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Main Router Backbone Core Router GatewayEastA IPS Threat-Centric Vulnerability Management Vulnerabilities + Exploits in the Wild Analytics Prioritize Imminent Threat High-priority remediation/mitigation Potential Threat Gradual risk reduction
23 Security in Multi-Cloud Environments Complete Visibility End–to–end path analysis Policy compliance across networks in a single dashboard view Out–of–the–box regulatory compliance checks Threat–centric vulnerability management AWS Azure NSX (Private)
24 Security in Industrial Networks OT Production Control System Network IT Business/ Corporate Network Visibility and path analysis for combined IT and OT networks Risk analysis Vulnerability detection Internet RTU/PLC/DCS Controller Units & Field Devices Neighboring Utilities Util C Util E Util A Util B Util D
25 GDPR—How Skybox Can Help Data Protection By Design Article 25 Record Processing Activities Article 30 Security of Processing Article 32 Breach Notification to Supervisory Authority Article 33 Breach Notification to Data Subject Article 34 Data Protection Impact Assessment Article 35
26 Take Control of Your Attack Surface Automation and Orchestration Threat and Vulnerability Intelligence Attack Surface Visibility and Analytics
Thank You
2828 Skybox Security Technical Overview
29 Skybox Architecture
30 • Integrates with existing infrastructure • Automation, workflows • Not a scanner, Agentless • Built-in ticketing system • APIs for integration with third-party systems • Appliance, virtual appliance, software only Deployment Diagram
31 Network Model Visualization
32 A Comprehensive Network View • Network context • Network size, complexity • Multi-vendor environment • Routers, LBs, FWs, Assets • Routing tables, ACLs, IPS • NAT/PAT, VPNs, Tunnels Detailed Model Complex and Changing Network Device-Level view
33 Network Path Analysis • Routing/PBR • NAT/PAT/VPNs • Load Balancing • Firewall rules • Multiple routes Access Analyzer Understands
34 Continuous Compliance Monitoring –Access Compliance –Configuration Compliance –Rule Compliance • PCI, NIST, Custom Policies • Vendor best practices • Track exceptions Automated Compliance Checks
35 Optimise Rules • Spot shadowed and redundant rules quickly • Gather log data to analyse historical rule usage • Tighten the rule base, improve security and effectiveness • Have a consultative conversation
36 Zone-to-Zone Access Compliance Internet / External DMZ Finance Servers Development Partners Resellers Only Port 80 Only Ports 80, 8080, 443, 22 No Access New York Paris London
37 • Vastly improve operational costs • Reduce time to implement changes • Risk assessment before change is made • Automate changes/generate configuration • Reconcile changes Optimizing Change Management Workflow Automate Change Management Change Request Technical Details Risk Assessment Change Implementation Reconcile and Verify
38 Change Management Workflow Skybox Analytics Engine Request Technical Details Risk Assessment Implementation Verification Capture business/ technical details Translate Path identification Rule analysis Identify policy violations & Vulnerability exposures Accept/Reject Assign to team for provisioning Reconcile against observed changes Verify Access
39 Skybox Change Manager Change Management Workflow Risk Assessment VerificationImplementation Technical Details Other Change Requests Audit Trail Maintained Request for Firewall Change Request
40 • Skybox Research Lab aggregates 30+ vulnerability and threat feeds • More than 70,000 vulnerabilities on 8,000+ products • CVE compliant, CVSSv3 standard • Updated daily Skybox Vulnerability Database ADVISORIES Adobe Apple Cisco Microsoft Oracle Red Hat SCANNERS BeyondTrust Retina McAfee Foundstone Qualys Cloud Platform Rapid7 Nexpose Tenable Nessus Tripwire IP360 IPS Fortinet FortiGuard McAfee IPS Palo Alto Networks Trend Micro TippingPoint Cisco SourceFire OTHER CERT, ICS CERT Flexera Secunia IBM X-Force Mitre CVE NIST NVD OSVDB Symantec Security Focus Rapid 7 Metasploit Zero-day vulnerabilities for published incidents
41 Skybox Vulnerability Database Skybox Research Labs 30+ threat feeds … Dedicated team verifies, normalizes, adds more data … Subscribed customers updated daily
42 Main Uses of the Vulnerability Database Skybox Vulnerability Database Data Collection into Security Model Attack Simulation Vulnerability Detector Data normalization (vulnerabilities, IPS signatures) Attack vectors information Product and vulnerability profiling rules
43 Remediate the stuff that matters! • How do we prioritize for remediation? • Are critical assets at risk? • What’s our trend in fixing vs finding vulnerabilities? • Which vulnerabilities should I fix for the biggest impact? Vulnerabilities IdentifiedThreat-Centric Vulnerability Management
44 Threat-Centric Prioritization
45 Attack Simulation Vulnerabilities CVE 2014-0160 CVE 2014-0515 CVE 2016-0076 Attack Vectors Compromised Server Internet Hacker Infected Partner
4646 Thank You

Recommended

Audit
AuditAudit
Auditzan
 
IDS,SNORT ET SÉCURITÉ RESEAU
IDS,SNORT ET SÉCURITÉ RESEAUIDS,SNORT ET SÉCURITÉ RESEAU
IDS,SNORT ET SÉCURITÉ RESEAUCHAOUACHI marwen
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM ArchitectureNishanth Kumar Pathi
 
Supervision V2 ppt
Supervision V2 pptSupervision V2 ppt
Supervision V2 pptjeehane
 
Audit de sécurité informatique
Audit de sécurité informatiqueAudit de sécurité informatique
Audit de sécurité informatiqueMohamed Ali Hadhri
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterMichael Nickle
 

Recommended

Audit
AuditAudit
Auditzan
 
IDS,SNORT ET SÉCURITÉ RESEAU
IDS,SNORT ET SÉCURITÉ RESEAUIDS,SNORT ET SÉCURITÉ RESEAU
IDS,SNORT ET SÉCURITÉ RESEAUCHAOUACHI marwen
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM ArchitectureNishanth Kumar Pathi
 
Supervision V2 ppt
Supervision V2 pptSupervision V2 ppt
Supervision V2 pptjeehane
 
Audit de sécurité informatique
Audit de sécurité informatiqueAudit de sécurité informatique
Audit de sécurité informatiqueMohamed Ali Hadhri
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterMichael Nickle
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
EDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onEDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onJustin Henderson
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Sécurité des systèmes d'information
Sécurité des systèmes d'informationSécurité des systèmes d'information
Sécurité des systèmes d'informationFranck Franchin
 
Cyber+incident+response+ +generic+ransomware+playbook+v2.3
Cyber+incident+response+ +generic+ransomware+playbook+v2.3Cyber+incident+response+ +generic+ransomware+playbook+v2.3
Cyber+incident+response+ +generic+ransomware+playbook+v2.3UnioGeek
 
French acreditation process homologation 2010-01-19
French acreditation process homologation 2010-01-19French acreditation process homologation 2010-01-19
French acreditation process homologation 2010-01-19Laurent Pingault
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Ben Rothke
 
Mehari
MehariMehari
MehariImane ABOU EL MARAI
 
Référentiels et Normes pour l'Audit de la Sécurité des SI
Référentiels et Normes pour l'Audit de la Sécurité des SIRéférentiels et Normes pour l'Audit de la Sécurité des SI
Référentiels et Normes pour l'Audit de la Sécurité des SIAlghajati
 
Présentation NAC-NAP PPT HARIFI Madiha
Présentation NAC-NAP PPT HARIFI Madiha Présentation NAC-NAP PPT HARIFI Madiha
Présentation NAC-NAP PPT HARIFI MadihaHarifi Madiha
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with SplunkSplunk
 
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...Tidiane Sylla
 
Soc
SocSoc
SocMukesh Chaudhari
 
Siem OSSIM
Siem OSSIMSiem OSSIM
Siem OSSIMYaya N'Tyeni Sanogo
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
SIEM and Threat Hunting
SIEM and Threat HuntingSIEM and Threat Hunting
SIEM and Threat Huntingn|u - The Open Security Community
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation CenterS.E. CTS CERT-GOV-MD
 
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarAlgoSec
 
Adaptive Security and Incident Response - A Business-Driven Approach
Adaptive Security and Incident Response - A Business-Driven ApproachAdaptive Security and Incident Response - A Business-Driven Approach
Adaptive Security and Incident Response - A Business-Driven ApproachAlgoSec
 

More Related Content

What's hot

Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
EDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onEDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onJustin Henderson
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Sécurité des systèmes d'information
Sécurité des systèmes d'informationSécurité des systèmes d'information
Sécurité des systèmes d'informationFranck Franchin
 
Cyber+incident+response+ +generic+ransomware+playbook+v2.3
Cyber+incident+response+ +generic+ransomware+playbook+v2.3Cyber+incident+response+ +generic+ransomware+playbook+v2.3
Cyber+incident+response+ +generic+ransomware+playbook+v2.3UnioGeek
 
French acreditation process homologation 2010-01-19
French acreditation process homologation 2010-01-19French acreditation process homologation 2010-01-19
French acreditation process homologation 2010-01-19Laurent Pingault
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Ben Rothke
 
Référentiels et Normes pour l'Audit de la Sécurité des SI
Référentiels et Normes pour l'Audit de la Sécurité des SIRéférentiels et Normes pour l'Audit de la Sécurité des SI
Référentiels et Normes pour l'Audit de la Sécurité des SIAlghajati
 
Présentation NAC-NAP PPT HARIFI Madiha
Présentation NAC-NAP PPT HARIFI Madiha Présentation NAC-NAP PPT HARIFI Madiha
Présentation NAC-NAP PPT HARIFI MadihaHarifi Madiha
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with SplunkSplunk
 
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...Tidiane Sylla
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation CenterS.E. CTS CERT-GOV-MD
 

What's hot (20)

Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
EDR vs SIEM - The fight is on
EDR vs SIEM - The fight is onEDR vs SIEM - The fight is on
EDR vs SIEM - The fight is on
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
Sécurité des systèmes d'information
Sécurité des systèmes d'informationSécurité des systèmes d'information
Sécurité des systèmes d'information
 
Cyber+incident+response+ +generic+ransomware+playbook+v2.3
Cyber+incident+response+ +generic+ransomware+playbook+v2.3Cyber+incident+response+ +generic+ransomware+playbook+v2.3
Cyber+incident+response+ +generic+ransomware+playbook+v2.3
 
French acreditation process homologation 2010-01-19
French acreditation process homologation 2010-01-19French acreditation process homologation 2010-01-19
French acreditation process homologation 2010-01-19
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
 
Mehari
MehariMehari
Mehari
 
Référentiels et Normes pour l'Audit de la Sécurité des SI
Référentiels et Normes pour l'Audit de la Sécurité des SIRéférentiels et Normes pour l'Audit de la Sécurité des SI
Référentiels et Normes pour l'Audit de la Sécurité des SI
 
Présentation NAC-NAP PPT HARIFI Madiha
Présentation NAC-NAP PPT HARIFI Madiha Présentation NAC-NAP PPT HARIFI Madiha
Présentation NAC-NAP PPT HARIFI Madiha
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
ETUDE ET MISE EN PLACE D’UNE SOLUTION DE GESTION DE LA SECURITE DU RESEAU : C...
 
Soc
SocSoc
Soc
 
Siem OSSIM
Siem OSSIMSiem OSSIM
Siem OSSIM
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
SIEM and Threat Hunting
SIEM and Threat HuntingSIEM and Threat Hunting
SIEM and Threat Hunting
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
 

Similar to Skybox security

Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarAlgoSec
 
Adaptive Security and Incident Response - A Business-Driven Approach
Adaptive Security and Incident Response - A Business-Driven ApproachAdaptive Security and Incident Response - A Business-Driven Approach
Adaptive Security and Incident Response - A Business-Driven ApproachAlgoSec
 
Building a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsBuilding a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsShah Sheikh
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)Shah Sheikh
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alAlert Logic
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudAlert Logic
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security DemystifiedMichael Torres
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar finalAlgoSec
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureQualys
 
Uac sales pres_20_apr09-2
Uac sales pres_20_apr09-2Uac sales pres_20_apr09-2
Uac sales pres_20_apr09-2lousifers
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DaySymantec
 
Best Practices for Network Security Management
Best Practices for Network Security Management Best Practices for Network Security Management
Best Practices for Network Security Management Skybox Security
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewCamilo Fandiño Gómez
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewCamilo Fandiño Gómez
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolShah Sheikh
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Splunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für SecuritySplunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für SecuritySplunk
 
Subscribed 2015: Architecture, Security, Scalability
Subscribed 2015: Architecture, Security, ScalabilitySubscribed 2015: Architecture, Security, Scalability
Subscribed 2015: Architecture, Security, ScalabilityZuora, Inc.
 

Similar to Skybox security (20)

Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint WebinarCisco Firepower Migration | Cisco and AlgoSec Joint Webinar
Cisco Firepower Migration | Cisco and AlgoSec Joint Webinar
 
Adaptive Security and Incident Response - A Business-Driven Approach
Adaptive Security and Incident Response - A Business-Driven ApproachAdaptive Security and Incident Response - A Business-Driven Approach
Adaptive Security and Incident Response - A Business-Driven Approach
 
Building a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsBuilding a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS Environments
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
 
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
2019 06-26 effective multi-vendor management -fortinet algo sec webinar final
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud Infrastructure
 
Uac sales pres_20_apr09-2
Uac sales pres_20_apr09-2Uac sales pres_20_apr09-2
Uac sales pres_20_apr09-2
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO Day
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
Best Practices for Network Security Management
Best Practices for Network Security Management Best Practices for Network Security Management
Best Practices for Network Security Management
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrol
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Splunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für SecuritySplunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für Security
 
Subscribed 2015: Architecture, Security, Scalability
Subscribed 2015: Architecture, Security, ScalabilitySubscribed 2015: Architecture, Security, Scalability
Subscribed 2015: Architecture, Security, Scalability
 

Recently uploaded

VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaimessage0108
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 

Recently uploaded (20)

VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of india
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 

Skybox security

  • 2. 2 Model the Attack Surface DMZ Security Controls Network Topology Assets Vulnerabilities Threats
  • 3. 3 Who We Are Silicon Valley HQ Offices around the globe Fastest–growing company in our space $270M funding since February 2016 5–star reviews Vulnerability/Threat Management Risk/Policy Management 700+ active customers 50 countries, all verticals
  • 4. 4 Who Relies on Us Financial Services Service Providers Government & Defense Energy & Utilities Technology & Manufacturing Healthcare Consumer
  • 5. 5 Why We’re Needed Limited visibility Non–actionable intelligence and data silos Lack of resources 97% of breaches are avoidable through standard controls
  • 6. 6 Why We’re Needed Unparalleled visibility and comprehensive network modeling Integration with existing technologies and added intelligence Intelligent automation and orchestration Skybox helps bridge the security management gap
  • 8. 8 Skybox Security Suite Attack Surface Visualization • Total visibility of the attack surface – Physical, virtual, cloud and OT environments – Vulnerabilities and threats • Measurable risk reduction • Improved communication across teams and up management chain Integrated Security Management
  • 9. 9 Skybox Security Suite Security Policy Management • Easy, efficient compliance reporting • Intelligent workflows and automation • Proactive risk assessments of security and network changes Integrated Security Management
  • 10. 10 Skybox Security Suite Vulnerability and Threat Management • Vulnerability prioritization aligned to the current threat landscape • Exposed and exploited vulnerabilities highlighted • Resources directed where they’re needed most Integrated Security Management
  • 11. 11 Skybox Security Intelligence Feed Exploits in the wild Vulnerabilities used in ransomware, exploit kits, etc. Attack vector details 700,000+ sites in the dark web 30+ security data feeds Skybox Research Lab
  • 12. 12 Security Policy Management • Network topology view • Normalized data from 120+ technologies • Physical, virtual, cloud and industrial • Access simulation • Cloud security tags • Firewalls • Rule and configuration checks • Network path analysis • Rule optimization • Change tracking • Automated audits • PCI DSS • FISMA • NERC • NIST • GDPR • Custom policies • Change request • Tech details • Risk assessment • Provisioning options • Reconciliation and verification Model Network Change Management Monitor Compliance Understand Network Context Confirm Effective Controls Document Compliance Continuously Verify Rulebase Analyze Security Controls
  • 13. 13 Vulnerability and Threat Management • Scanless vulnerability detection (physical/cloud) • Support for all third- party VA scanners • Threat-centric vulnerability management • Hot spot analysis • Attack simulation • Business impact • Network topology and compensating controls • Threat context • Imminent threats (exposed/active exploit) • Potential threats (known/available exploit) • Attack vector details • Remediation planning • Ticketing and workflow • Dashboards and reporting Same-Day Identification Highlight Assets at Risk Focus on Areas of Greatest Impact Respond Quickly Prioritize Response Discover Vulnerabilities Analyze Attack Surface Remediate & Track
  • 14. 14 Firewall Assurance Comprehensive Multi-Vendor Firewall Management 1 Collect & Normalize 2 Analyze 3 Report & Act Firewall Security Assessment How It Works Continuous Policy Compliance Firewall Rule Life Cycle Management
  • 15. 15 5 Verify 1 Request 4 Implement 3 Assess Change Manager Secure, Automated Firewall Change Management Change Management Automation How It Works Automated Risk Assessment Rule Recertification Workflow ! Identify 2
  • 16. 16 Network Assurance Complete Visibility and Command of Hybrid Network Access and Routes 3 Analyze in Context 2 Create a Model 1 Collect & Normalize Network Model How It Works Security Analytics Network Compliance Verification
  • 17. 17 Vulnerability Control Threat-Centric Vulnerability Management Scanless Assessments How It Works Network + Threat Context Exposed and Exploited Vulns 1 Assess 2 Analyze 3 Prioritize 4 Remediate 1 2 3
  • 18. 18 1 Collect & Normalize Threat Manager Threat Intelligence Analysis and Response Consolidated Threat Intelligence How It Works Contextual Threat Assessment Focused Threat Response 2 Check Relevancy 3 Track Remediation
  • 19. 19 March April May June Current Last 4 Months Visualize Your Entire Attack Surface From Multiple Perspectives Unsecure Device Configuration Exploitable Vulnerabilities Risky Access Rules Exploited in the Wild Vulnerabilities US 311 Assets 5 Firewalls Site Details Vulnerability Exposure Unsecure Device Configuration (Total: 72) Name: UDP reply packets – filtered Policy: Checkpoint FW Standard Policy #Violations: 1 Name: Encrypted Line Password - required Policy: Cisco IOS RTR Standard Policy #Violations: 1 Name: IP source routing - prohibited Policy: Cisco IOS RTR Standard Policy #Violations: 1 Name: Password Encryption Service - required Policy: Cisco IOS RTR Standard Policy #Violations: 1 Name: SNMPv3 Group - required Policy: Cisco IOS RTR Standard Policy #Violations: 1
  • 20. 20 Skybox Horizon Attack Surface Visualization Unsecure Device Configuration Misconfiguration enables the continuation and spread of attack Risky Access Rule Allows inbound access from DMZ to deeper in network Exploited in the Wild Vulnerability Vulnerability with available and active exploit is attacked
  • 21. 21 Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Vulnerability Intelligence Main Router Backbone Core Router GatewayEastA IPS Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Main Router Backbone Core Router GatewayEastA IPS Threat-Centric Vulnerability Management Vulnerabilities + Exploits in the Wild
  • 22. 22 Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Vulnerability Intelligence Main Router Backbone Core Router GatewayEastA IPS Attack Surface Model Context: Asset Exposure/Criticality Prod FW Main FW GatewayEastA Main Router Backbone Core Router GatewayEastA IPS Threat-Centric Vulnerability Management Vulnerabilities + Exploits in the Wild Analytics Prioritize Imminent Threat High-priority remediation/mitigation Potential Threat Gradual risk reduction
  • 23. 23 Security in Multi-Cloud Environments Complete Visibility End–to–end path analysis Policy compliance across networks in a single dashboard view Out–of–the–box regulatory compliance checks Threat–centric vulnerability management AWS Azure NSX (Private)
  • 24. 24 Security in Industrial Networks OT Production Control System Network IT Business/ Corporate Network Visibility and path analysis for combined IT and OT networks Risk analysis Vulnerability detection Internet RTU/PLC/DCS Controller Units & Field Devices Neighboring Utilities Util C Util E Util A Util B Util D
  • 25. 25 GDPR—How Skybox Can Help Data Protection By Design Article 25 Record Processing Activities Article 30 Security of Processing Article 32 Breach Notification to Supervisory Authority Article 33 Breach Notification to Data Subject Article 34 Data Protection Impact Assessment Article 35
  • 26. 26 Take Control of Your Attack Surface Automation and Orchestration Threat and Vulnerability Intelligence Attack Surface Visibility and Analytics
  • 30. 30 • Integrates with existing infrastructure • Automation, workflows • Not a scanner, Agentless • Built-in ticketing system • APIs for integration with third-party systems • Appliance, virtual appliance, software only Deployment Diagram
  • 32. 32 A Comprehensive Network View • Network context • Network size, complexity • Multi-vendor environment • Routers, LBs, FWs, Assets • Routing tables, ACLs, IPS • NAT/PAT, VPNs, Tunnels Detailed Model Complex and Changing Network Device-Level view
  • 33. 33 Network Path Analysis • Routing/PBR • NAT/PAT/VPNs • Load Balancing • Firewall rules • Multiple routes Access Analyzer Understands
  • 34. 34 Continuous Compliance Monitoring –Access Compliance –Configuration Compliance –Rule Compliance • PCI, NIST, Custom Policies • Vendor best practices • Track exceptions Automated Compliance Checks
  • 35. 35 Optimise Rules • Spot shadowed and redundant rules quickly • Gather log data to analyse historical rule usage • Tighten the rule base, improve security and effectiveness • Have a consultative conversation
  • 36. 36 Zone-to-Zone Access Compliance Internet / External DMZ Finance Servers Development Partners Resellers Only Port 80 Only Ports 80, 8080, 443, 22 No Access New York Paris London
  • 37. 37 • Vastly improve operational costs • Reduce time to implement changes • Risk assessment before change is made • Automate changes/generate configuration • Reconcile changes Optimizing Change Management Workflow Automate Change Management Change Request Technical Details Risk Assessment Change Implementation Reconcile and Verify
  • 38. 38 Change Management Workflow Skybox Analytics Engine Request Technical Details Risk Assessment Implementation Verification Capture business/ technical details Translate Path identification Rule analysis Identify policy violations & Vulnerability exposures Accept/Reject Assign to team for provisioning Reconcile against observed changes Verify Access
  • 39. 39 Skybox Change Manager Change Management Workflow Risk Assessment VerificationImplementation Technical Details Other Change Requests Audit Trail Maintained Request for Firewall Change Request
  • 40. 40 • Skybox Research Lab aggregates 30+ vulnerability and threat feeds • More than 70,000 vulnerabilities on 8,000+ products • CVE compliant, CVSSv3 standard • Updated daily Skybox Vulnerability Database ADVISORIES Adobe Apple Cisco Microsoft Oracle Red Hat SCANNERS BeyondTrust Retina McAfee Foundstone Qualys Cloud Platform Rapid7 Nexpose Tenable Nessus Tripwire IP360 IPS Fortinet FortiGuard McAfee IPS Palo Alto Networks Trend Micro TippingPoint Cisco SourceFire OTHER CERT, ICS CERT Flexera Secunia IBM X-Force Mitre CVE NIST NVD OSVDB Symantec Security Focus Rapid 7 Metasploit Zero-day vulnerabilities for published incidents
  • 41. 41 Skybox Vulnerability Database Skybox Research Labs 30+ threat feeds … Dedicated team verifies, normalizes, adds more data … Subscribed customers updated daily
  • 42. 42 Main Uses of the Vulnerability Database Skybox Vulnerability Database Data Collection into Security Model Attack Simulation Vulnerability Detector Data normalization (vulnerabilities, IPS signatures) Attack vectors information Product and vulnerability profiling rules
  • 43. 43 Remediate the stuff that matters! • How do we prioritize for remediation? • Are critical assets at risk? • What’s our trend in fixing vs finding vulnerabilities? • Which vulnerabilities should I fix for the biggest impact? Vulnerabilities IdentifiedThreat-Centric Vulnerability Management
  • 45. 45 Attack Simulation Vulnerabilities CVE 2014-0160 CVE 2014-0515 CVE 2016-0076 Attack Vectors Compromised Server Internet Hacker Infected Partner