The threats that enterprises face from security breaches are growing in both number and complexity. In just the past year the types of attacks are up, the costs associated with them are higher and more visible, and the risks of not securing systems and processes are therefore much greater. Some people have even called the rate of attacks a pandemic.
The path to reducing these risks, even as the threats escalate, is to confront security at the framework and strategic level, to harness the point solutions approach into a managed and ongoing security enhancement lifecycle. [Disclosure: HP is a sponsor of BriefingsDirect podcasts.]
HP's strategy then is to provide a fabric of technology along with a framework of processes, to progress to a lifecycle of preparedness that helps organizations become and stay more more secure, said Rebecca Lawson, Director of Worldwide Security Initiatives at HP.
"It's important to bring the right people together and to assess the whole situation, and those people are going to be from all over the organization: IT, AppDev, legal, accounting, supply chain," she said. "You need to really assess the full situation so that everyone is not only aware of where vulnerabilities might be, or where the most costly vulnerabilities might be, but to look ahead and say … let's make sure we build security into everything from the get-go."
In addition to the new products, HP announced an Enterprise Security Discovery Workshop, an expanded Secure Boardroom (an online portal that combines existing sources of security data into one central system), and released a report from HP Digital Vaccine Labs on vulnerability, threat and attack data for the first half of 2011.
Cyber threats have become more sophisticated, persistent and unpredictable, said Lawson. Research conducted on behalf of HP demonstrates that the volume and complexity of security threats has continued to escalate.
HP's research shows that more than 50 percent of senior business and technology executives surveyed believe that security breaches within their organizations have increased during the last year. Nearly 30 percent responded that they experienced a security breach by unauthorized internal access, while 20 percent responded that they had experienced an external breach.
"There are so many different points at which different incidents can occur that getting your arms around all of them and focusing your attention on those that are most likely to cause reputation damage or financial damage or operational damage, that’s really the trick," said Lawson.
"We also noticed in our research that the number of attacks, particularly on web applications, is just skyrocketing. And of course we know that web apps are used on mobile devices and they are used on laptops and desktops. And so we are really seeing an alarming rate of web attacks happening. … The context can change so rapidly that you have to really think differently about what it is you are protecting and how you are going to go about protecting it. So it's really, it's a different game now," she said.
ArcSight Express 3.0
ArcSight Express 3.0, a unified security solution, transforms the delivery of advanced correlation, log management and user activity monitoring to improve an organization‘s ability to rapidly detect and prevent cyber threats. Powered by the new Correlation Optimized Retention and Retrieval Engine (CORR-Engine), it delivers the scalability required to correlate, process, and store vast amounts of data to advance the detection and prevention of cyber threats and risks.
ArcSight Express 3.0, a single turnkey appliance that simplifies the installation and operation of a Security Information and Event Management (SIEM) solution, enables IT administrators and security analysts to more quickly respond to business threats.
HP has also launched the updated HP TippingPoint Web Application Digital Vaccine (WebAppDV) 2.0 service, which delivers real-time identification of vulnerabilities in web applications and delivery of virtual patches until a fix can be developed. This is achieved by HP WebInspect, a security scan that incorporates the new Adaptive Web Application Firewall Technology (WAF) to protect commercial and custom-built online applications, such as retail websites or online banking sites from vulnerabilities.
Many network firewalls cannot discriminate between normal network activity and malicious traffic aimed to disrupt web applications. To address this gap in protection, the updated WebAppDV 2.0 filters are deployed alongside the traditional Digital Vaccine filters in the HP TippingPoint Intrusion Prevention System (IPS).
TippingPoint IPS is powered by research from HP DVLabs, which discovered four times the number of critical vulnerabilities than the rest of the market combined. Updates and patches addressing these vulnerabilities are created and automatically delivered to clients online each week, or immediately when critical vulnerabilities and threats emerge.
Other offerings in the security portfolio include:
- Reputation Security Monitor, which provides ArcSight clients with an advanced, real-time list of known bad IP and DNS addresses to combat attacks that exploit web application vulnerabilities.
- Fortify Software Security Center suite, a comprehensive application security testing solution available on-premises or on-demand that scales to identify vulnerabilities in thousands of applications.
- Information Security Management (ISM) services, an approach to managing security policies and processes, enabling clients to make informed security decisions and minimize risks.
- Enterprise Cloud Service (ECS) protects desktop and notebook PCs and servers against viruses, malware, spyware and intrusions by blocking unauthorized communication and preventing installation of unwanted programs.
- SIEM services collect and log security-relevant events to provide a unified view of the security activity across an enterprise as well as generating predefined reports to demonstrate compliance with policies and regulations.
- Application Security Testing-as-a-Service identifies and closes security vulnerabilities in the application layer with code scanning and web penetration services that reduce the risk, time and investment needed to deliver software security assurance.
- Secure Boardroom, an enterprise-level online portal that combines existing sources of security data into one central system. Senior-level executives and CIOs are provided greater insight and actionable information that facilitates business-led strategic investment and management decisions.
- Digital Vaccine Toolkit (DVToolkit) 2.0, which allows clients to import custom or open-source IPS filters, such as Snort, directly into the HP TippingPoint IPS.
- TippingPoint Reporting and Archiving. Powered by Logger software, this solution collects security event activity and analyzes data to create custom reports, perform trend analysis and integrate reporting to support compliance requirements.
- Enterprise Security Discovery Workshop, a one-day workshop designed to help clients understand their organizations' vulnerabilities to external and internal threats, identify the critical success factors for a secure enterprise, and create tailored transformation programs based on best practices.
- ArcSight Express 3.0 is expected to be available worldwide soon.
- WebAppDV 2.0 is currently available worldwide. Price varies based on the number of web application scans.
- DVToolKit 2.0 is currently available worldwide at no additional cost to clients with an existing HP TippingPoint IPS solution.
- HP TippingPoint Reporting and Archivingis currently available worldwide to Logger clients as an add-on product at no additional cost.
- HP delivers applications appliance solutions that leverage converged infrastructure for virtualization, data management
- HP delivers NMC 9.1 as new demands on network management require secure, integrated, and automated response
- New HP Service Manager tackles time and cost associated with help desk productivity
- HP's IT Performance Suite empowers IT leaders with unified view into total operations, costs
- HP takes plunge on dual cloud bursting: public and-or private apps support comes of age
- HP rolls out EcoPOD modular data center, provides high-density converged infrastructure with extreme energy efficiency