Difference between revisions of "skybox notes"
From thelinuxwiki
Revision as of 18:21, 17 February 2016
skyboxsecurity
Firewall Optimization and Cleanup
- shadowed rules
- redundant rules
- rule usage, unused identified
Firewall Policy Compliance
- out-of-the-box CIS benchmarks
- examples: SNMP community string violations
- access (rule) policy violations
- example: login services to DMZ
Network Visibility and Intelligence
- firewall map
- zones
- validation
- missing hops
- export as image or Visio
- access analyzer!! will show which firewalls allow and which deny, identify which devices need rules
Vulnerability Control - Actionable Remediation
- risk = impact x likelihood
- remediation tickets and tracking
Vulnerability Control - Context-Aware Prioritization
- hotspots mapped to business units, geography, vendor platforms and/or security bulletins
- threat origins defined