Gartner cybersecurity analysts recognize Skybox in the Vulnerability Prioritization Technology, OT Security, and Network Security Policy Management categories





News summary

Modern security technologies quickly identify, mitigate threats, and reduce exposure

Technologies promise to deliver significant security visibility and response improvements with in-depth analysis of the root cause of exposures

Well-defined, outcome-driven, business-specific security requirements based on quantitative evidence are key to the efficient and effective use of security budgeting and resourcing1

SAN JOSE, Calif.–(BUSINESS WIRE)–Skybox Security is proud to announce that Gartner® featured its cybersecurity solutions in six Hype Cycle Reports™ this year. Gartner Hype Cycles evaluate must-watch enterprise technologies so end-users can identify high-value innovations. According to Gartner, “executive leaders should use this research to make decisions about investing in the right innovations at the right time.”2

Gartner recognized Skybox solutions across three cybersecurity categories:

Vulnerability Prioritization Technology (VPT)

OT Security

Network Security Policy Management (NSPM)

Quickly identify, mitigate threats, and reduce exposure

“According to us, our inclusion in six Gartner Hype Cycles across three critical cybersecurity categories highlights the extraordinary business impact of our award-winning solutions. Not only do we lead the industry in proactive Security Posture Management, Skybox also incorporates comprehensive Exposure Management to identify, remediate, and mitigate the security gaps that pose a real threat to our customers,” said Gidi Cohen, CEO and Founder, Skybox Security. “Testing attack feasibility with our network model is critical to vulnerability prioritization across IT, OT, and hybrid cloud environments. We deliver the industry’s only solution combining Vulnerability Management, Security Policy Management, and OT Security capabilities to drastically reduce business risk and exposure to cyberattacks.”

Skybox offers the only Security Posture Management Platform that combines infrastructure context with threat intelligence to unlock unprecedented visibility of the expanding attack surface spanning IT, hybrid cloud, and OT environments. This allows enterprise networking, cloud, security, and risk teams to comply with corporate and regulatory policies, reduce misconfigurations, improve cyber hygiene, securely automate changes, and prioritize remediation of the riskiest vulnerabilities.

Skybox Security is featured as a Sample Vendor in the following 2022 Gartner Hype Cycles:

Hype Cycle for Security Operations, 2022

Gartner notes: “The entries included in this Hype Cycle aim to help security and risk management leaders strategize and deliver effective response and remediation.” In this Hype Cycle, Gartner recommends implementing “a risk-based approach that correlates asset value and business impact to calculate a risk rating leveraging Vulnerability Prioritization Technology solutions. This reduces the risk of being breached when prioritizing remediation activities.”1

Hype Cycle for Workload and Network Security, 2022

Gartner notes: “As networks have evolved and the majority of enterprises have begun to run across hybrid environments, network security architecture has become more complicated than ever.” This Hype Cycle states: “NSPM tools can play an important role by offering centralized visibility and policy workflow management for hybrid network security architectures. NSPM provides rule optimization, change management workflow and, more recently, application connectivity mapping.”3

Hype Cycle for Infrastructure & Operations Automation, 2022

According to Gartner, “I&O leaders should leverage this Hype Cycle to deliver innovation, value and efficiency; upskill staff; and optimize costs.” The report also points out that: “VPT solutions are a form of automation that brings advanced analytics and vulnerability intelligence to reduce the human resource requirements of performing manual Risk-based Vulnerability Management. The continued rise in the number of security incidents and breaches is driving many organizations to adopt VPT solutions to implement an effective, efficient vulnerability management program.”4

Hype Cycle for Managing Operational Technology, 2022

This Hype Cycle addresses the “disruptive forces (which now include rapid demand growth, inflation and geopolitical crises) that continue to reshape the oil, gas and energy markets. Companies in all sectors are making rapid pivots in business strategy. To achieve these pivots, companies are investing in digital innovations that optimize and transform business capabilities and help achieve operational excellence.” Gartner rates the benefit of OT Security solutions as high because “the impact of operational disruption can range from mere annoyance to hundreds of millions of dollars — as well as reliability, life and safety impacts.”5

Hype Cycle for Oil and Gas, 2022

“Facing pressure to get more from lean resources, CIOs can use this Hype Cycle to align their technology investments with strategic business goals.” Gartner writes that “because operational systems are the centers of value creation, OT security has major relevance to organizations in national critical infrastructure, and to any other industrial verticals with operations and asset-centric environments.” The research also recommends that users “deploy CPS asset discovery, inventory and network mapping security platforms.”6

Hype Cycle for Manufacturing Operations Strategy, 2022

“This Hype Cycle supports strategic planning with key technologies and management disciplines for creating roadmaps, aligning investments and educating peers.” Gartner notes: “OT security is evolving into CPS asset-centric security platforms that support not only OT, but also the Internet of Things (IoT), industrial IoT (IIoT) or smart building assets. This is changing OT security from focusing on segmentation, firewalls and demilitarized zones (DMZs) to placing the assets at the center of security and layering defense-in-depth approaches around them.”

Customer quotes

World’s leading U.S. energy company selects Skybox to calculate the financial impact of compromised OT assets with its Cyber Risk Quantification (CRQ) capabilities: “We needed to be able to map dollar value to risk, calculating the value of an asset based on the amount of damage it could do if it were compromised. With Skybox, we can look at the big picture, viewing computer vulnerabilities in the same way that we view other risks.” – Major multinational energy company

Customer reduces mean time to remediate (MTTR) from weeks to hours: “We no longer have to deal with false positives. We’ve been using Skybox Vulnerability Control for more than a year, and our false positive rate has dropped significantly from the 20% we were experiencing. We can now prioritize our efforts on deploying patches.” – One of the world’s largest petroleum refining companies

Following a major M&A deal, customer deploys the Skybox Security Posture Management Platform to mitigate exposure and ensure compliance: “We needed to audit a large and diverse estate of OT firewalls and networking devices and understand our exposure to potential attack. We are making Skybox Firewall Assurance, Network Assurance, and Vulnerability Control capabilities an integral part of our global compliance strategy for the future.” – Multinational water and energy service provider

About Gartner Hype Cycles

Gartner Hype Cycles provide a graphic representation of the maturity and adoption of technologies and applications, and how they are potentially relevant to solving real business problems and exploiting new opportunities. Gartner Hype Cycle methodology gives you a view of how a technology or application will evolve over time, providing a sound source of insight to manage its deployment within the context of your specific business goals.8

About Skybox Security

Over 500 of the largest and most security-conscious enterprises in the world rely on Skybox for the insights and assurance required to stay ahead of dynamically changing attack surfaces. Our Security Posture Management Platform delivers complete visibility, analytics, and automation to quickly map, prioritize and remediate vulnerabilities across your organization. The vendor-agnostic solution intelligently optimizes security policies, actions, and change processes across all corporate networks and cloud environments. With Skybox, security teams can now focus on the most strategic business initiatives while ensuring enterprises remain protected.

https://www.skyboxsecurity.com/

1 Hype Cycle for Security Operations, July 5, 2022, Andrew Davies



2 Understanding Gartner’s Hype Cycles, July 2, 2021, Philip Dawson, Alexander Linden, Keith Guttridge, Katell Thielemann, Nick Jones, Jackie Fenn



3 Hype Cycle for Workload and Network Security, July 18, 2022, Charlie Winckless



4 Hype Cycle for I&O Automation, July 27, 2022, Chris Saunderson



5 Hype Cycle for Managing Operational Technology, July 18, 2022, Kristian Steenstrup



6 Hype Cycle for Oil and Gas, July 19, 2022, Rich McAvey, Nicole Foust, Simon Cushing



7 Hype Cycle for Manufacturing Operations Strategy, July 29, 2022, Simon Jacobson, Janet Suleski



8 Gartner Hype Cycles: Interpreting technology hype

GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

© 2022 Skybox Security, Inc. All rights reserved. Skybox Security and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners. Product specifications subject to change at any time without prior notice.

Contacts

Ashley Nakano



Corporate Communications Director



media-relations@skyboxsecurity.com