One of the very interesting use cases of Skybox Security modules - specifically Firewall Assurance and Network Assurance - is an ability to detect vulnerability simply by analysing collected configuration files.
In the recent article on Skybox Security blog page, Marina Kidron, a director of threat intelligence and leader of the Skybox Research Lab, explained how customers get benefit of early detection of critical Cisco vulnerabilities.
In our experience, the roll-out of Skybox Security Firewall and Network Assurance modules greatly improves not only visibility of the network design, compliance with security policies, but also risks associated with unpatched network devices. As it is not uncommon for organisations to run unpatched network devices and firewalls, the focus of operations security managers should be offloading vulnerability management of network devices to their owners - managers of network teams.
The best way, in our opinion, is to provide access for network teams to Skybox so they see discovered vulnerabilities and can schedule security fixes appropriately.
Contact us to find our more on how Skybox and Foresight Cyber can help your organisation improve network security.