Skybox Security Skybox Risk Control
February 03, 2014
$13,300 (appliance, updates, 100 one-year licenses).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Interesting and powerful new approach to threat management.
- Weaknesses: Relies heavily on external data sources.
- Verdict: Large enterprises and high risk environments will likely get excellent use out of this product. Administrators of smaller, low-risk networks will liekly find it to be overkill.
Skybox Risk Control from Skybox Security approaches vulnerability management from a different direction. Focusing more on total risk than individual threats, this product analyzes networks in a holistic manner, enabling security teams to first remediate threats to hosts that could cause the most damage rather than relying solely on criticality ratings.
Product setup was simple and straightforward. After unboxing and racking the appliance, we connected a keyboard and mouse and ran through the initial network setup wizard. We then connected to the device through a web browser and downloaded the client application.
Skybox Risk Control is comprised of a central server, a series of data collectors and the client application used to manage the system. It is available as individual software components or a hardened physical appliance. While the server and collector components can be installed on either Windows or Linux platforms, the client portion is a Windows-only application. User authentication can be handled internally or via the product's SiteMinder, RADIUS or LDAP integration features. Rather than performing vulnerability scans itself, the product imports data from system management tools, such as Microsoft's WSUS and System Center; vulnerability scanners, such as Nessus; and other tools, and analyzes that data comparing it to its own Vulnerability Dictionary. This is an important point: This solution is not an all-in-one vulnerability scanning and management system. It uses third-party data to perform risk analysis. We found this to be a potentially powerful approach, but users should be aware that they will need to have tools to generate that data in place before making use of this product. Coupling that data with the product's network mapping and attack simulation tools allows it to perform a risk analysis. The network risk analysis combines impact ratings from CVSS scoring with the product's own attack simulations to automatically determine risk, making it easier for security teams to remediate vulnerabilities based on risk to the enterprise, rather than relying on pure severity ratings. Once this analysis is complete, it generates a list of recommendations, such as IDS deployment, system patching or configuration changes.
Skybox offers excellent product documentation for this tool. And, the company offers two tiers of support: The standard package provides for phone and email assistance during normal business hours, as well as access to an online knowledge base and support portal. The premium upgrade includes all the options of the standard package, but expands the phone and email hours to 24/7. Skybox also offers a series of professional and deployment services designed to assist subscribers in all aspects of the installation and use of the product.
Skybox Risk Control starts at $13,300, which includes the Skybox 5000 appliance, Vulnerability Dictionary content updates, and 100 12-month subscription licenses. Standard support is priced at 18 percent of the net cost, while the premium upgrade will cost subscribers 22 percent of net.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards