Skybox, the leader in security risk management, unveiled on Monday the industry’s first integrated suite of security risk management applications Skybox View Suite. The suite automates risk assessment, mitigation planning, audit certification and helps professionals to balance between application availability and network security.
The company has also revealed the industry’s first worm attack simulator that enables organizations to precisely predict business damage resulting from a malicious worm breach. The simulator is based on known worm characteristics and is being updated continuously. In addition, this component generates a list of mitigation plans that, if implemented, will block worm attacks and slow down the propagation to other parts of the network.
“Business owners, CISO and operations management need better decision support and analysis tools associated with network security risk assessment and network change assurance,” said David Batista, president and CEO of Skybox Security. “With Skybox Secure organizations can transform security from the great unknown to a business enabler that delivers measurable ROI. With Skybox Assure organizations can transform network change management from a labor-intensive and error-prone process to one that eliminates human error and streamlines audit compliance”
Today´s Balancing Act: Availability and Security
Today, the risk assessment and mitigation planning is an expensive, labor-intensive and inaccurate process that is conducted only a few times a year. With new security vulnerabilities born everyday, and a constantly changing network, security professionals try in vain to continuously assess, identify and remediate threat exposure — before critical business applications are compromised. What security professionals need is an automated, proactive and continuous approach to measuring and improving their organization´s state of security.
Similarly, IT network infrastructures are complex and constantly changing. Best practices dictate that network engineers follow a rigorous network change management process, which includes a well-defined procedure for approving, planning, scheduling and documenting changes. However, network engineers today have no way to analyze or validate if proposed changes are effective or if proposed changes will expose the organization to unacceptable risk exposure. Documenting and auditing policy compliance in context with network access and security exposure is not feasible with existing change management tools.
Moreover, since network changes are implemented on live networks without prior verification, network and user disruption is common. What network professionals need is a way to balance the connectivity needs of the business while minimizing network risk exposure without impacting network operations.
“Security and networking professionals have long needed a way to assess the impact of new threats and proposed network changes without subjecting their live networks to unnecessary disruption. Skybox View Suite gives security and network teams visibility and business context so they can safely assess security risks and network changes,” said Phebe Waterfield, Senior Analyst, Yankee Group.