Overview
Model the Attack Surface
DMZ
Who We Are
• Fastest–growing company in our space
• Silicon Valley HQ
• Offices around the globe
• $270M funding since February 2016
• 5–star reviews
• 700+ active customers
• 50 countries, all verticals
• Vulnerability/Threat Management
• Risk/Policy Management
Who Relies on Us
Why We’re Needed
Improve Existing Resources
• 120+ technology integrations
• Firewall/Network Security & Infrastructure
• Vulnerability Management, SIEM
• Endpoint Security
• Cloud/Virtual
Skybox Security Suite
Skybox Security Intelligence Feed
• 700,000+ sites in the dark web
• Vulnerabilities used in ransomware, exploit kits, etc.
• 30+ security data feeds
• Attack vector details
Security Policy Management
Vulnerability and Threat Management
Firewall Assurance
Comprehensive Multi-Vendor Firewall Management
How It Works
Change Manager
Secure, Automated Firewall Change Management
How It Works
Network Assurance
Complete Visibility and Command of Hybrid Network Access and Routes
Network Compliance
Network Model Security Analytics
Verification
How It Works
Vulnerability Control
Threat-Centric Vulnerability Management
How It Works
Threat Manager
Threat Intelligence Analysis and Response
How It Works
Visualize Your Entire Attack Surface From Multiple Perspectives
[Figure labels: US; Unsecure Device Configuration (Total: 72); Exploitable Vulnerabilities]
Skybox Horizon
Attack Surface Visualization
Threat-Centric Vulnerability Management
[Figure labels: Vulnerability Intelligence + Vulnerabilities; Analytics; Prioritize; Imminent Threat; Potential Threat; High-priority remediation/mitigation. Devices shown: Prod FW, Backbone Core Router, Main Router, GatewayEastA]
Security in Multi-Cloud Environments
• Complete Visibility
• Out–of–the–box regulatory compliance checks
• Threat–centric vulnerability management
[Figure labels: NSX, AWS, Azure, (Private)]
Security in Industrial Networks
[Figure labels: Vulnerability detection; Internet; Util A, Util B, Util C, Util D, Util E; RTU/PLC/DCS Controller Units & Field Devices; Neighboring Utilities]
GDPR—How Skybox Can Help
• Article 25: Data Protection By Design
• Article 30: Record Processing Activities
• Article 32: Security of Processing
• Breach Notification to Supervisory Authority
• Breach Notification to Data Subject
• Data Protection Impact Assessment
Take Control of Your Attack Surface
Thank You
Skybox Security
Technical Overview
Skybox Architecture
Deployment Diagram
• Integrates with existing infrastructure
• Automation, workflows
• Not a scanner, Agentless
• Built-in ticketing system
• APIs for integration with third-party systems
• Appliance, virtual appliance, software only
Network Model Visualization
A Comprehensive Network View
Detailed Model Complex and Changing Network
• Network context
• Network size, complexity
• Multi-vendor environment
Device-Level view
Network Path Analysis
Access Analyzer
Understands
• Routing/PBR
• NAT/PAT/VPNs
• Load Balancing
• Firewall rules
• Multiple routes
Continuous Compliance Monitoring
Automated Compliance Checks
– Access Compliance
– Configuration Compliance
– Rule Compliance
• PCI, NIST, Custom Policies
• Vendor best practices
• Track exceptions
Optimise Rules
• Spot shadowed and redundant rules quickly
• Gather log data to analyse historical rule usage
• Tighten the rule base, improve security and effectiveness
• Have a consultative conversation
Zone-to-Zone Access Compliance
[Figure labels. Zones: Internet / External, DMZ, Paris, New York, London, Development, Partners, Resellers, Finance Servers. Access rules between zones: Only Port 80; No Access; Only Ports 80, 8080, 443, 22]
Optimizing Change Management Workflow
Automate Change Management
• Vastly improve operational costs
• Reduce time to implement changes
[Figure labels: Change Request; Technical Details; Reconcile and Verify]
Change Management Workflow
[Figure labels: Request; Technical Details; Risk Assessment; Implementation; Verification]
Skybox Vulnerability Database
• Skybox Research Lab aggregates 30+ vulnerability and threat feeds
• More than 70,000 vulnerabilities on 8,000+ products
• CVE compliant, CVSSv3 standard
• Updated daily
[Figure labels: 30+ threat feeds updated daily; Skybox Research Labs; Dedicated team verifies, normalizes, adds more data; Subscribed customers]
Main Uses of the Vulnerability Database
• Product and vulnerability profiling rules
• Data Collection into Security Model
• Attack Simulation
• Vulnerability Detector
Remediate the stuff that matters!
Threat-Centric Prioritization
[Figure labels: Vulnerabilities: CVE-2014-0515, CVE-2016-0076; Attack Vectors; Internet Hacker; Compromised Server; Infected Partner]
Thank You