Skybox Security, a global leader in cyber security operations, analytics and reporting, on May 3, announced the availability of threat-centric vulnerability management (TCVM) for the Skybox Security Suite, signaling a fundamental shift in the approach to managing and prioritizing vulnerabilities. TCVM changes vulnerability management from an exercise of trying to patch “everything all the time” to focused, intelligent action that considers real-world threats. TCVM does this by correlating multiple factors to determine vulnerability risk, including:
- The context of an organization’s environment, such as: potential attack paths and security controls in place, each asset’s exposure and importance to the business, and details of existing vulnerabilities
- Intelligence on vulnerabilities being exploited in the wild
With the Prioritization Center in Skybox Vulnerability Control, security leaders can automatically analyze the thousands — even millions — of vulnerabilities in their environment (including cloud and virtual) to pinpoint those that are truly putting their organization at risk. This means narrowing a huge volume of “known” vulnerabilities that are potential threats down to a small, manageable number of vulnerabilities that are identified as imminent threats — exposed vulnerabilities known to be exploited in the wild. In addition, TCVM enables a systematic approach for ongoing, gradual risk reduction of potential threats that could escalate in the future.