Transcript: This video will demonstrate how Skybox Vulnerability Control can be used to discover or detect vulnerabilities without the use of an active scanner. In addition, we’ll look at how vulnerabilities from multiple sources are viewed within the product.

We are starting here in Vulnerability Control. We will pop down and look at the model behind the scenes, specifically at the vulnerability occurrences. So right now we have 1884 vulnerabilities that have been imported into the system from a Qualys scan. So I can see these vulnerabilities here—they are being grouped together by discovery method at this point. What we’ll do now is pop over to operational console and take a look at a specific task here called, “SCCM Direct Import.” This task will go out to an SCCM server, use a username and password to import that data directly into Skybox’s database; this will be the asset data that SCCM is managing, including the host name and IP address as well as the operating system and application versions that are on that particular host. So let’s go ahead and launch this. We will pop back over to Vulnerability Control, and we’ll wait for that importation to finish.

Okay we paused for a couple of minutes to let that data get imported. We’ll do a refresh, and we can see that we have 3300 vulnerabilities now, 1400 from SCCM. So these vulnerabilities represent missing patches on those assets that SCCM knows about. But in addition to that information, SCCM also has information about the applications that are on an asset. So here on my server REO, I see information about 7-Zip, Adobe, Microsoft, Mozilla and Oracle. But the only vulnerability we know about so far is a Microsoft Office vulnerability. So now what we’ll do is pop back over to operational console, and we’ll run another task—this one is SCCM vulnerability detector. This task will go out and match the application asset information on the hosts that came in from SCCM with Skybox’s vulnerability dictionary, and, in doing so, we’ll deduce new vulnerabilities on those assets. We’ll pop back over to vulnerability control. Let that run for a minute and then we’ll refresh. Look at that server REO, look at the vulnerability occurrences, and now we have many more vulnerabilities—674 vulnerabilities to be exact.

Vulnerabilities from Mozilla Firefox, Microsoft Office, Windows Flash Player—there’s all sorts of vulnerabilities in there. If we go back to our original screen vulnerability occurrences (let that load up) we can see we now have 22,000 vulnerabilities from three different sources. We've got those original 18,000 vulnerabilities from Qualys, 14,000 vulnerabilities from the missing patches that SCCM knew about and then another 19,000 vulnerabilities that Skybox has deduced using Vulnerability Detector which matched up our vulnerability dictionary with that SCCM asset data.

So this was a video demonstrating how Skybox Vulnerability Control can be used to discover or detect vulnerabilities without the use of an active scanner. To learn more about Vulnerability Control or any of the products in the Skybox suite, please visit skyboxsecurity.com.

# vimeo.com/110608880 Uploaded

Vulnerability Management Demos

Skybox Security PRO

The Skybox vulnerability management solution is based on Skybox Vulnerability Control (formerly Risk Control). Our innovative approach links scanless vulnerability assessment, context-aware risk analysis and remediation planning to resolve vulnerabilities…


+ More

The Skybox vulnerability management solution is based on Skybox Vulnerability Control (formerly Risk Control). Our innovative approach links scanless vulnerability assessment, context-aware risk analysis and remediation planning to resolve vulnerabilities more than 50 times faster than traditional vulnerability management processes. Resolve critical risks in hours, get actionable recommendations and track progress on SLAs all without the disruption of a scan and with near-zero false positives.

Browse This Channel

Channels are a simple, beautiful way to showcase and watch videos. Browse more Channels.