Your organisation or your clients have invested in Skybox Security software in order to:
Be Smarter - Gain the advantage over attackers with advanced vulnerability and threat intelligence.
See & Understand - Zoom in on security control gaps with comprehensive network modelling and cutting-edge attack vector analytics.
Act Quickly - Protect important systems and data in minutes with remediation plans specific to your network and systems.
Secure these benefits with Foresight Cyber Skybox Managed Services now!
Skybox Management by trusted professionals
… supported by the Skybox executive leadership team
Skybox Technical Application Management Service
Technical management of Skybox servers and collectors, ensuring the application is available, updated/upgraded and with adequate capacity. This service is aligned with the former Skybox AMS delivering seamless transition from Skybox AMS into a more advanced service.
Operating system management - full management of operating system running Skybox server(s) and collector(s) application, ensuring they are managed correctly and up-to-date
Availability and capacity management - monitoring of Skybox servers and collectors using the Foresight Cyber Platform
Skybox software updates - our teams monitor for applicable Skybox application releases and initiate an update process aligned to a client’s change management requirements.
Licence monitoring & management - We monitor the number of objects in the model, comparing to purchased licences. When a threshold is reached (typically 80%) the client is notified.
Backup and Restore - We ensure that the Skybox data, scripts and any other files required for the Skybox application are properly backed up. The restore is tested annually.
User & Access Management - Our service builds on the initial setup and ensures that organisational changes are correctly reflected in the Skybox user access control design.
Skybox Functional Application Management Service
Managing the Skybox application and data within it ensuring the collections, model, asset data, analyses and exports are correct in order to demonstrate business value.
Network Model - We continually monitor and manage the Skybox model to ensure that the “Locations & Networks” structure correctly represents the client’s network sites. Additionally, we ensure the Skybox model is validated, thus representing the actual network topology.
Lifecycle of network devices in Skybox model - The model is updated whenever a network device is either added or removed from the network.
Network Maps - Network maps of the model are produced which provides up-to-date and well-presented view for the organisation’s network and, if appropriate, each individual site.
Business Asset Model - We replicate the IT business structure to Skybox in order to allow advanced reports and queries. Assets cab be grouped based on any given attribute in the Skybox data model, including user defined attributes, e.g. AWS tags.
CMDBs Imports & Correlations - For Skybox to deliver the business value, it needs network assets to be enriched with CMDB information. As part of this service, we connect supported CMDBs to Skybox and setup imports of selected data objects and attributes to the model. This service identifies and reports on any variances between data in the CMDB and that discovered on the network. Service tickets can be created for action by the IT team.
FA & NA Policies - We maintain two firewall and network configuration policies – standard and high-security, respectively. Imported firewalls are organised into ‘visual’ folders. Network zones containing interfaces, networks and cloud tags are created and maintained.
Task Management - We monitor all tasks, analyse errors detected and initiate rectification workflows. Our team also manage all tasks and tasks sequences.
Review of client’s network maps for accuracy - It is understood that maintaining precise network diagrams is a manual and error-prone activity. Consequently, we conduct a quarterly review of the client’s network Visio maps - often maintained by network teams - for accuracy against the model. The benefit of this service is the high precision of documentation.
Skybox Remediation Management Service
Foresight Cyber offers a remediation management service to assist the internal support teams, in effect becoming an extension of the client’s security operations team: working together to ensure effective policy compliance and lower security risk.
Zone compliance - We monitor violations of network zone policies and raise incident tickets as agreed by customer.
Firewall rules compliance - We analyse firewall rule bases for compliance irrespective of zones, taking into account the client’s firewall policies.
Vulnerability remediation - We take the client’s vulnerability management policy, use Skybox to analyse vulnerabilities, and raise incident tickets to remediate. Typically, remediation is organised by patches, operating systems or sites; as agreed with the client. Tickets raised are fully managed to ensure that slow delivery or lack of remediation by IT teams or service providers are significantly reduced.
Firewall rules re-certification - We manage firewall rule re-certifications (a functionality in Skybox Change Manager) and manage the workflow. The re-certification is a process mandated by firewall management best practices, and essentially reconfirms whether a firewall rule is still valid.
FW changes assessments - As part of this service, we are able to analyse firewall requests and provide compliance and risk scores. This workflow can be undertaken before or after firewall changes. (The service requires Skybox Change Manager for up-front assessments).
Network/Firewall hardening - As part of this service we analyse network devices against agreed hardening standards.