Skybox Security Suite is many things besides vulnerability management and, perhaps, that is a major strength. Many of the modules interact in such a manner that the overall management of vulnerabilities - particularly analytics - is enhanced significantly. However, we were a bit disappointed with our evaluation. Everything that we were presented was pre-done. It was a lot like walking through slideware.
There is a lot to like about this product. It is extremely feature-rich. However, that comes at a price. Configuration and management are not easy. It takes time and a good understanding of one's environment and the Skybox infrastructure to get the most out of the tool. Vulnerability control is one of several aspects, including ChangeManager, FirewallAssurance, NetworkAssurance and ThreatManager. All of these work together to give a broad picture of the state of the enterprise from a risk perspective. VulnerabilityControl and ThreatManager are part of the vulnerabilities and threats part of the platform, while the rest are classed as the security policy management piece.
The vulnerability management functionality uses passive scanning. In other words, quoting from the user guide, it uses “scanless deduction of vulnerabilities and attack simulation.” The jury is still out somewhat on the effectiveness of passive vulnerability assessment. There certainly are advantages in terms of disruptiveness, safety (since certain kinds of attacks that would bring the system down never need be used) and the ability to scan 24/7, but, as well, there are questions about missing vulnerabilities.
We ran the Skybox installer in our VMware environment with no trouble at all. When we were set up and launched we had the ability to launch the demo model, which we proceeded to do. Going through the model it was plain that we were using a very powerful system. However, there was a lot about it that we could not test. For example, the specification shows that the tool supports a huge number of third-party products, but we had no way to test that.
The dashboard is what one would expect and it has a lot of options. Everything is under four main tabs: summary (the landing page), discovery centre, analysis centre and remediation centre. The discovery centre is the starting point. Everything in the enterprise should be discovered and displayed here. The analytics centre shows details and metrics about vulnerabilities and exposures with good graphics and drill downs while the remediation centre helps admins track remediation against SLAs.
This appears to be a powerful set of capabilities and it certainly is priced right given its feature set. The website is very good with the resources one would expect. One interesting piece is its end of life policy. This is something most vendors ignore - until users receive an email that says their version is being fazed out so they'd better buy the latest. There are several levels of support from basic no cost to full premium support (at a cost, of course) and professional services.
Vendor Skybox Security
Flagship product Security Suite
Description Very good functionality with solid control over its functions.