Educational Brief
Skybox Cyber Security Best Practices
Three steps to reduce the risk of Advanced Persistent Threats
With continuing news coverage of sophisticated and targeted attacks that can go undetected for months,
it no wonder that IT security professionals are actively searching for ways to combat these threats.
Perpetrators of Advanced Persistent Threats or APTs are patient and determined. If there is a security
gap (and every network has one) they will find it. But, there are steps you can take to significantly lower
the risk of attack or focus your limited IT security resources to pinpoint suspicious activities.
Know Your Network - Complex networks are hard to keep track of and strained budgets mean that
too few people have the correct tools to completely understand their network. With Skybox you can
model your entire network infrastructure and visualize your security topology. You might find a
collection of unapproved devices, a wireless network that isn’t supposed to exist or an access path
from the internet to an important asset that shouldn’t be accessible. How do you defend a network if
you aren’t sure what it looks like? Additionally, it’s easier to sell upper management on the need for
additional resources when they can visually see the complete picture.
Automate - If you’re still trying to manage your network security manually, stop. A CISO from a large
organization recently reported that their security team was being “nickel and dimed to death”, with
tons of time spent reviewing growing sets of firewall rules and sifting through endless vulnerability
reports. Many daily security activities start with tasks that can be automated – data collection,
correlation, analysis, alerting, reporting. Automate the time-consuming (but necessary) tasks, and
precious security expertise can be applied better elsewhere.
Be Proactive Addressing Known Security Holes - While an APT using a zero-day vulnerability can
be frightening, In ComputerWeekly.com security expert, Ionut Ionescu, noted “they [APT attackers]
used not only attack vectors specific to sometimes obscure equipment, but also attack vectors against
well-known, publicised and patchable vulnerabilities.” Close the open doors and windows quickly, and
you’ll lower the chance and exposure window of a potential attack. Tools such as Skybox Risk Control
can find and prioritise ‘exploitable vulnerabilities’ based on a combination of vulnerability scan data,
threat information, and a view of the asset information. The tool then provides you with a prioritised,
actionable list of the most critical issues to address first.
Risk reduction also requires continuous monitoring and determined effort. Whether you are concerned
about APTs or just fighting garden-variety malware and cyber criminals, you can put into place the
tools and processes that will make it easier to conduct daily, systematic, and measurable risk
reduction.
1
www.skyboxsecurity.com
Skybox View Platform Suite
Skybox Solutions
The Skybox View Enterprise Suite is a set of tools that give IT security and operations managers a better
view of their network, so they can find and address network security, compliance, and availability risks –
within minutes. Each of these tools is built on the Skybox View Platform, providing a common platform for
data collection, modeling & simulation, and reporting.
Skybox® Firewall Assurance
Firewall Assurance allows IT operations or security managers to assess their firewall compliance status in a
fraction of the time of manual audits. It automates steps in the compliance process, predicts the impact of
planned network changes, and helps the IT team avoid mis-configurations that could result in security or
compliance exposures.
Skybox® Change Manager
Skybox Change Manager adds complete automated change workflow capabilities to Skybox Firewall
Assurance. Change Manager allows firewall administrators to continuously monitor and centrally manage all
firewall change requests for complete pre and post change functionality.
Skybox® Network Assurance
Network Assurance creates a model of the network topology and analyzes the interactions between all
network devices (routers, firewalls, load balancers, etc.). It enables an accurate balancing between the
security and availability requirements of the network, and quickly find root causes of actual or potential
network outages.
Skybox® Risk Control
Risk Control automatically collects and correlates vulnerability scan data with information about network
topology, device settings, asset values and known threats. With Risk Control network security teams can
avoid manual risk analysis, eliminate unnecessary patching, simulate responses to cyber attacks, and
respond quickly to new cyber threats.
European Office
UK, Central Europe, France & Belgium
Skybox Security UK Ltd
55 Old Broad Street
London EC2M 1RX
Headquarters Office
Skybox Security, Inc.
2099 Gateway Place, Suite 450
San Jose, California 95110 USA
Copyright © 2011 Skybox Security, Inc. All rights reserved. Skybox and Skybox View are trademarks of Skybox Security, Inc.
All other registered or unregistered trademarks are the sole property of their respective owners.
2
www.skyboxsecurity.com