Skybox Security Unveils First Exposure Risk Management -- ERM -- Solution.Business Editors/High-Tech Writers RSA Conference The RSA Conference is a Cryptography-related conference held annually in the San Francisco Bay Area. The RSA Conference started in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security. 2004 Booth #439 SAN FRANCISCO--(BUSINESS WIRE)--Feb. 25, 2004 Skybox sky·box n. An elevated, usually enclosed private compartment for viewing events at a sports stadium. Noun 1. skybox - an elevated box for viewing events at a sports stadium (TM) View With Breakthrough Attack Simulation Zeros in on Most Critical Vulnerabilities in Hours Versus Weeks RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. 2004 (Booth #439)--Skybox Security, Inc. today launched Skybox(TM) View, the first Exposure Risk Management (ERM (Enterprise Relationship Management) An umbrella term with many shades of meaning over the years. It may refer to the management of information from any or all of an organization's customers, suppliers, business partners and employees. ) solution and a new automated process for vulnerability management. Skybox View is based on breakthrough modeling and attack simulation technologies that create a "step-by-step recipe of an attack," the only way to identify critical vulnerabilities and eliminate the information overload A symptom of the high-tech age, which is too much information for one human being to absorb in an expanding world of people and technology. It comes from all sources including TV, newspapers, magazines as well as wanted and unwanted regular mail, e-mail and faxes. generated by conventional tools. With Skybox View, enterprises can accurately pinpoint, prioritize and eliminate high-risk security exposures -- in hours versus weeks or months. It is successfully deployed in large enterprise networks including international banking institutions, media firms and telecommunications corporations. "IT security professionals need a way to prioritize the mitigation of vulnerabilities. With an accurate and timely way to reduce the volumes of vulnerabilities produced by scanners down to the one or two percent of risks that really matter, enterprises can protect assets and eliminate threats to business-critical applications," said Mark Nicolett, security research VP for Gartner, Inc. Only one to two percent of the vulnerabilities generated from today's scanners are critical business risks. These tools are of limited value for large complex enterprise networks due to incomplete or inaccurate reporting. With tens to hundreds of thousands of vulnerabilities, at least ten new vulnerability types published daily and constant network changes, it takes weeks or months for enterprises to manually analyze this information -- an unacceptable window of exposure. Research at Dartmouth ISTS ISTS Institute for Security Technology Studies ISTS Individual Sewage Treatment Systems ISTS Institute for Space and Terrestrial Science ISTS Intel Science Talent Search ISTS International Sea Turtle Society ISTS Ion Source Test Stand (Institute for Security Technology Studies) underlines the significance of the "vulnerability exposure window," which states that four to six months after a system audit or a penetration test A test of a network's vulnerabilities by having an authorized individual actually attempt to break into the network. The tester may undertake several methods, workarounds and "hacks" to gain entry, often initially getting through to one seemingly harmless section, and from there, "the probabilities are very high (66% to 99%) that an attacker can conduct a full consequence compromise." What enterprises really need to know is "where can an attacker go?" and "what is the potential damage and business impact?" Skybox View introduces an automated four-step Exposure Risk Management process that allows security professionals and business executives to understand their real risk levels in near-real time: -- Model the environment: Creates a virtual model of the entire IT environment - including data from scanners, network management systems, firewall and router configurations, business logic and security policies - to predict all possible access routes. -- Simulate Attack Scenarios: Runs attack scenarios to zero in on the real exposures, the primary vulnerabilities that lie directly on an attack path to critical business applications and are reachable and exploitable. -- Calculate Business Risk: Business risk analytics are applied by assessing both the attack likelihood and damage potential, based on breaches and losses of confidentiality, integrity or availability. -- Plan Exposure Remediation: Presents all possible remediation measures and the minimum steps required to prevent the entire attack. Powerful what-if scenarios can help simulate the effect of changes before applying them to the IT infrastructure. "How can you assess risks without considering your firewall, routers and other systems in your analysis? Modeling your total environment and running attack simulation is the only way to find critical vulnerabilities automatically. Executives need these technologies to really understand their business risks on a timely basis," said Gidi Cohen cohen or kohen (Hebrew: “priest”) Jewish priest descended from Zadok (a descendant of Aaron), priest at the First Temple of Jerusalem. The biblical priesthood was hereditary and male. , president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Skybox Security. About Skybox(TM) View Skybox(TM) View is an enterprise software solution comprised of three components: Skybox View Collector, Skybox View Server and Skybox View Manager. It interoperates with leading networking and security products including: ISS ISS See Institutional Shareholder Services (ISS). Internet Scanner, eEye Retina, Nessus, Qualys, HP-OpenView, Check Point Firewall-1 (4.1 and NG), Check Point Provider-1 NG, Cisco PIX History Cisco PIX (Private Internet EXchange) is a firewall originally conceived in March 1994 by John Mayes of Redwood City, California and coded by Brantley Coiles of Athens, Georgia. , Cisco IOS Cisco IOS (originally Internetwork Operating System) is the software used on the vast majority of Cisco Systems routers and all current Cisco network switches. IOS is a package of routing, switching, internetworking and telecommunications functions tightly integrated with a Firewall, NetScreen, Iptables, Cisco IOS routers, and Nortel routers. Skybox View is available immediately. Pricing is tiered based on the number of infrastructure nodes of the enterprise network (servers, routers, firewalls). About Skybox Security Skybox Security, Inc. is an enterprise software company that develops and markets next-generation exposure risk management solutions that help enterprises identify and mitigate critical risks in hours versus weeks. Unlike conventional vulnerability management solutions, the company's flagship product A primary product of a company, which is typically why the company was founded and/or what made it well known. For example, MS-DOS, Windows and the Microsoft Office suite have been flagship products of Microsoft. CorelDRAW is a flagship product of Corel Corporation. , Skybox(TM) View, leverages existing firewall, router, network and vulnerability data to apply breakthrough modeling and attack simulation technologies that reveal the one to two percent of reported vulnerabilities that impact critical business applications. With Skybox View, executives and security professionals can dramatically raise security levels by shrinking the window of exposure from weeks to hours, understand critical exposures in the same terms, and apply scarce security resources where they are needed most. Founded in 2002, the company is headquartered in Palo Alto, California “Palo Alto” redirects here. For other uses, see Palo Alto (disambiguation). Palo Alto (IPA: /ˌpæloʊˈʔæltoʊ/, from Spanish: palo: "stick" and alto: "high", i.e. and is backed by Benchmark Capital, Lightspeed Venture Partners, Carmel Ventures, and Mofet Technology Fund. For more information contact (650) 565-8060 or http://www.skyboxsecurity.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion