When you import all the assets that you have, like desktops, servers, networks, devices, routers, and then firewalls, and other products, then Skybox makes like, a model of the network, but with context. 

So, it is not just a model in VIZIO. Or something like it like that. You get the model with context, and, like, it looks like a real network in a real-time. So you can check your network and the security of your network on that model. 

After that, Skybox adds vulnerability management of the assets in your network. For example, if you have 3,000 vulnerabilities in your network. You can find those vulnerabilities, but you cannot decide or you don't know which ones are the priority ones. So maybe there are vulnerabilities, but they are behind some firewalls. 

Even though they are serious, you don't have to start with them because there is no access to those assets because of the rules on the firewall. So it is vulnerability prioritization. You get the list of  10 to 20 most serious and most dangerous vulnerabilities, and you also get advice on how to patch them or how to get rid of those vulnerabilities. 

So it's important that you get the model of your network then you can see what assets are available from the outside and what are the parts for those assets. And if you will allow it or not, allow it or not. And then, on the other side, there is this vulnerability prioritization.

So the vulnerability management capability of Skybox really helps in security strategy when you know how to properly use it. 

It cuts your time in order to patch several hundreds of vulnerabilities. You can concentrate on the most important ones. 

Specifically, in the Vulnerability Management piece, vulnerability management products are very noisy and they provide this arbitrary score called the CVSS that rates the criticality of the vulnerability. How bad would it be if somebody were to exploit this vulnerability? That doesn't matter if I have something on the network that prevents that vulnerability from being exploited. What Skybox does is to allow organizations, including three of my largest customers, to reprioritize the vulnerability they attempt to patch and mitigate, based on the contextual awareness of the network.

Also, for the vulnerability, it's the operational efficiency of the patching team. Patch management programs are very expensive to run from a headcount cost, and also from a potential downtime cost, and there is a never-ending stream of vulnerabilities. The ability to contextualize those and recast them in a meaningful way to my organization, and to all my customers, has been very valuable in increasing the efficiency of the patching process.

With the Firewall Assurance, that changes the way applications are introduced into the environment. So instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that."

It's given us more visibility in terms of what are the kinds of configurations that are on these devices, and how many of these are stale rules. So it's helped greatly in terms of cleaning up of rules, for sure. And it has definitely given a more secure way of backing up the configuration on these devices.

It has grown organically and become a full featured suite. If you have the funding, you can make it do all types of great things.

It has automated things. What was a manual process is now just running a report and delivering it to the people who have to mitigate the issues. A better workflow.

Skybox Security Suite is a great, strong solution. But you need a good engineer with high-level technical skills. For businesses it is a great solution - you look at the pie chart and understand everything. But if we talk about technical expertise, you need one or two technical expertise guys on your team to support this platform. You need to check, understand and discuss all cases and events, analyze these events, and make changes in your infrastructure. In terms of the technical aspect, it's good. For businesses, it is great.

We have been able to generate reliable results with Skybox Security Suite. Getting a hold of this information from customers and our business competitors is often difficult to do within our customers' timelines.

What we have done is found a lot of misconfigured stuff on firewalls. Our company, Verisk, is a company that buys other companies. We have 70 or so companies at last count and most of them are founder-based companies we bought. They had little to no idea of how to actually secure a firewall correctly. Using Skybox, when we bring them on we take a look at how their firewalls are configured and then make recommendations as far as what they need to do to tighten it up. That is the main function we've been using it for and that is where we have gotten the most benefit out of it.

From Firewall Assurance, the only other real benefit you get is eliminating shadowed rules and redundant rules. You can optimize a little bit based on real usage to move the rules that are used more towards the top of the access lists so that the firewall processes them a little faster. It's a small benefit but it's definitely something that, depending on your business, may be important to you.

When we are adding new users to the network it has an impact on the security posture of the organization. So we use this product to do analysis, what kind of impact it will have on the security. What are the particular applications which may be required in terms of access controls, what are the changes, what are the policies we should put on the firewall? And in case we need to have a temporary policy, we can then revert back to the original one. All of these things have really helped us improve the security and network systems.

This is something we are on the way to doing.

Our customers have not had any complaints about the Skybox Security Suite.

Focuses resources on business-critical remediation, as opposed to remediation that is quantity-based.

Standard scanning solutions are not able to give any priority in terms of associated risk from identified vulnerabilities. Understanding the real exposure from vulnerabilities and associated assets can reduce the time and investment needed to mitigate risks.

Also, by reducing the number of vulnerabilities that have to be analyzed and managed we have the chance to create a process of management.

User interface. A web interface would be better.

With the combination of the vulnerability management database and third-party integration, vulnerability management is very rich. When you add the network model, Skybox can tell you exactly which vulnerabilities in the infrastructure are exploitable. I have seen examples where there are 7,000 vulnerabilities exposed at one time. This includes highlighting things that are open, or exposed.