Skybox Security Raises $150M to Expand Security Management Capabilities

Security vendor aims to expand the reach of its platform to help organizations manage and control security policies and configuration.

Skybox Security

Skybox Security announced a new $150 million round of investment on Oct. 25, in a bid to help the company develop its products and support its global go-to-market efforts.

The new investment comes from the CVC Capital Partners' Growth Fund and private equity firm Pantheon. Total funding to date for Skybox since the company's creation in 2002 now stands at $314 million.

"Our focus as a company is on cyber-security management," Gidi Cohen, Skybox’s co-founder and CEO, told eWEEK. "We have had really strong growth in the last several years, driven by the fact that the security challenges have grown significantly."

Cohen added that while the complexity of the threat landscape has increased, the corresponding resources  available to organizations has not grown as much.

"The gap between threat complexity and available resources is why there is a need for a management, analytics and orchestration solution, like what we provide at Skybox," Cohen said.

The Skybox Platform has multiple components including, vulnerability and threat management as well as security policy management capabilities. Cohen said that the core platform and its analytics capabilities are proprietary technologies that Skybox has developed over the years, with a number of granted patents.

"We are also connecting to a lot of different sources, since we are providing a management layer for cyber-security," Cohen said. "We have approximately 120  connectors that link to different types of security technologies including network and system management."

Skybox collects data via connectors and then makes sense of the information with its analytics technology. The analytics can show what the risk exposures might be, as well as help to identify the best way to address issues. In September 2017, Skybox improved its platform with capabilities for threat-centric vulnerability management for virtual and cloud networks.

Cohen explained that the threat-centric capability can analyze and prioritize vulnerabilities in the context of the threat landscape and the overall attack surface of an organization. The threat-centric model can be applied to customer resources that are deployed in both private and public cloud environments.

One of the emerging areas of virtualization is the use of container and the Kubernetes orchestration platform that can help to enable multi-cloud deployments. Cohen said that Skybox is now working on expanding the platform's capabilities and threat modelling technologies for containers.

Cohen noted that Skybox is often used by organizations to help with various compliance requirements. For example, one of the primary requirements for PCI-DSS (Payment Card Industry Data Security Standard) is the need for firewall configuration management, which is a capability that Skybox provides. He added that many other compliance specifications require management systems in place for change controls, which is also capability that is in the Skybox platform.

From a competitive perspective, Cohen said that what Skybox provides is differentiated from other security vendors in that the focus for his company is on cyber-security management.

"At Skybox we aim to help the Chief Information Security Officer and security teams to understand what tools they have in place," Cohen said. "You can think of Skybox almost like an ERP (Enterprise Resource Planning) for security."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.