RedSeal and SkyBox push for broader, network-wide risk assessment Generally speaking, firewall audit tools evaluate individual firewalls, even if they can do so for hundreds of them. Some are slowly moving toward a more networkwide risk-assessment approach and the ability to evaluate not only each device, but how devices relate to one another—their mutual dependencies across the network. Also see Firewall audit tools: features and functions and Firewall audit dos and don’ts on CSOonline.comSkyBox Security and RedSeal Systems, on the other hand, offer precisely this type of enterprise-grade network risk-assessment product. They map networks and analyze configuration flaws, unpatched vulnerabilities and access routes—even those that were created unintentionally—between network assets. Security managers can run sophisticated models to identify security exposures and evaluate risk based on the assigned value of the asset and what kind of vulnerabilities it has. “Some servers are more important than others,” says Ryan Trost, director of security and data privacy officer for Reston, Va.-based Comprehensive Health Services, a RedSeal customer. “Some can easily be rebuilt, but for others even a second of offline or down time starts to affect normal business processes.” Trost said that risk assessment, especially at audit time, was daunting in an environment of just under 200 servers, requiring weeks of reviewing firewall access control lists, switch configurations and 600 pages of vulnerability scan reports.”The risk-management software pulls in everything, analyzes it and does prioritization for me,” says Trost. “It’s become the cornerstone of our security posture.” Skybox and RedSeal both got a foot in the firewall audit market when PCI DSS opened the door. SkyBox includes a firewall audit product in its suite. RedSeal positions itself as a risk-management company, but its software can also be used for firewall audit. While the firewall audit vendors “are trying to push upstream a little,” says John Kindervag, senior analyst at Forrester Research, the market for what he calls “network threat mitigation technologies” is unclear, as enterprises need to be educated and vendors have to sell potential customers on their value at a price that makes sense. “The products themselves are quite phenomenal in many respects,” he says. “In a perfect world, everyone would have a tool like this.” Related content news Apple patches info-stealing, zero day bugs in iPads and Macs The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild. By Shweta Sharma Dec 01, 2023 3 mins Zero-day vulnerability feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry IT Skills Events news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware news Okta confirms recent hack affected all customers within the affected system Contrary to its earlier analysis, Okta has confirmed that all of its customer support system users are affected by the recent security incident. By Shweta Sharma Nov 30, 2023 3 mins Data Breach Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe