Difference between revisions of "skybox notes"

From thelinuxwiki
Line 26: Line 26:
  
 
'''Vulnerability Control -Context-Aware Prioritization'''
 
'''Vulnerability Control -Context-Aware Prioritization'''
 +
*hotspots mapped to business units, geography, vendor platforms and/or security bulletins
 +
*threat origins defined
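Review bot: The heading carried as context in this hunk, '''Vulnerability Control -Context-Aware Prioritization''', has no space after the separating hyphen, so it can be read as part of the hyphenated term; writing it as "Vulnerability Control - Context-Aware Prioritization" would avoid that. Of the two added bullets, "threat origins defined" does not say what counts as a threat origin or where it is defined, and a few words on that would make the note usable later.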

Revision as of 18:21, 17 February 2016

skyboxsecurity

Firewall Optimization and Cleanup

  • shadowed rules
  • redundant rules
  • rule usage, unused identified

Firewall Policy Compliance

  • out of the box cis benchmarks
  • examples: snmp community string violations
  • access (rule) policy violations
  • example: login services to dmz


Network Visibility and Intelligence

  • firewall map
  • zones
  • validation
  • missing hops
  • export as image or visio
  • access analyzer!! will show which firewalls allow and which deny, identify which devices need rules

Vulnerability Control - Actionable Remediation

  • risk = impact x likelihood
  • remediation tickets and tracking

Vulnerability Control - Context-Aware Prioritization

  • hotspots mapped to business units, geography, vendor platforms and/or security bulletins
  • threat origins defined