Skybox offers free threat data

One of the beauties of the cloud, when it comes to security issues, is its ability to offer easy access to increasing amounts of valuable threat data which can help security professionals evaluate the vulnerabilities their organisations face.

Servicing this opportunity is the goal of Skybox Security, a US-based provider of risk analytics for cyber security. It has just launched the Skybox Vulnerability Centre, a free, online resource for IT security practitioners.

Access to the Centre also includes access to the company’s Vulnerability Database, which it claims is one of the most advanced vulnerability databases in the industry. Users can search the database by vendor, category, severity, date, CVE number and more, and drill down for special details on specified vulnerabilities.

“We believe the foundation of any information security protection architecture should start by reducing the surface area of attack by using a combination of techniques. These techniques limit a hacker's ability to reach systems, find vulnerabilities to target and get malware to execute.”

A cornerstone element of the Centre is the Skybox Vulnerability Index, a measurement that indicates the scale and severity of the vulnerability attack surface, or the sum of all cyber-attack vectors against a typical enterprise organisation. The Index is calculated daily from a summation of factors assigned to every vulnerability in the database, which consolidates vulnerability data for more than 1,000 products used extensively in enterprise network environments.

Fluctuation in the Skybox Vulnerability Index provides a signal of the dynamic scope of the IT risk exposure that vulnerabilities pose to an enterprise organisation. Many take months to completely scan their infrastructure for vulnerabilities and perform remediation tasks, leaving many vulnerabilities exposed for months at a time. The Index is calculated over a rolling 90-day view of reported vulnerabilities, corresponding to the risk level of an organisation with a vulnerability remediation cycle of 90 days.

“The Skybox Vulnerability Index enables organisations to understand how the constant stream of reported vulnerabilities affects their attack surface,” said Gidi Cohen, CEO of Skybox Security. “Using our web application, IT security professionals can customise the Index, such as by vendor or by category, and remediation window, to gain insight into the type and severity of vulnerabilities that have been reported since their last vulnerability assessment cycle. With this knowledge, security teams can orchestrate effective and efficient vulnerability remediation efforts that dramatically reduce the attack surface and quickly decrease overall risk.”

According to a Skybox security survey, the vulnerability management cycle from vulnerability assessment to remediation can range from as little as a week or two in critical areas of the network, to months or longer. Additionally, most organisations deploy a ‘round robin’ scanning approach that assesses only a small portion of their infrastructure on an infrequent basis, leaving a large window of risk exposure that is wide open to data breaches and attacks.

The Index shows that the vulnerability risk to enterprises with 90-day or longer remediation cycles rose significantly throughout 2012, then was at a fairly steady level in 2013. For the first two months of 2014, it shows a marked drop of about 40 percent year-over-year, indicating that organisations may be able to make headway, at least temporarily, in reducing risk levels through a vulnerability management system. The company believes that the exposure will start rising again, however.

The Vulnerability Center and the Database web application are now available here.