HP Expands Security Offerings

Published: 22/11/2024   Category: security




Hewlett-Packard upgrades and expands its security lineup, blending ArcSight IPS, Fortify code scanning, and WebAppDV to provide better context and defense against threats.



Hewlett-Packard on Monday unveiled a range of new and updated security products and services, aimed at helping businesses detect and block a range of threats, including vulnerabilities in their custom Web applications.
For starters, the company announced that its security information and event management (SIEM) application, HP ArcSight Express 3.0, will sport faster and more accurate correlation capabilities. HP also announced Fortify Software Security Center, which offers static and dynamic Web application testing that will run on the premises or via the cloud.
Meanwhile, HP announced the launch of services for information security management, endpoint threat management via the cloud, a SIEM service--to collect, log, and report on all security-related events across a business--as well as an application security testing-as-a-service offering. In addition, HP's updated Digital Vaccine Toolkit (DVToolkit) 2.0 will now also import both custom and open source IPS filters, for example from Snort.
As part of ongoing moves to blend capabilities HP obtained via a number of acquisitions last year, the company also recently released HP TippingPoint Web Application Digital Vaccine (WebAppDV) 2.0, which updates its service for protecting both commercial and custom-built Web applications with virtual patches after any codebase vulnerabilities are discovered, at least until a full fix can be put in place. Pricing is based on the number of Web application scans conducted.
WebAppDV works in conjunction with HP's Fortify and WebInspect to scan applications, find vulnerabilities, and then craft a custom filter for those vulnerabilities. "While it can be used for off-the-shelf software, the value of this, in my mind, is really in the custom applications," said Jennifer Lake, security product marketing manager for HP DVLabs, in an interview.
That's because commercial application vulnerabilities typically get publicly disclosed, allowing information security vendors such as HP to create blocks against attacks that seek to exploit the vulnerability. "But if an organization is building their own Web application, we're not necessarily going to know what those vulnerabilities are," she said.
Of course, Web application vulnerabilities remain a dangerous attack vector. "The low-hanging fruit for bad guys is the Web application," said Ryan Kalember, director of solutions marketing for enterprise security products at HP, in an interview.
Furthermore, while Web application firewalls can help block attacks, he said their accuracy leaves something to be desired. "Web application firewalls typically see between 30% and 70% false positive rates, and most customers I've talked with, and most environments I have experience with, they have about a 50% false positive rate," he said. "It's attempting to generically block everything bad that could be attacking the Web app behind it."
Accordingly, HP is betting that businesses will buy into Web application defenses that will both spot specific types of attacks and block them, even if the application hasn't yet been patched. "This is where we think the vision starts coming together. If you're thinking about something like a SQL injection attack, it's actually pretty predictable what the log output of a Web application will be if you execute a known SQL injection attack against it," said Kalember. While that might not seem very useful, you can use a technology like HP ArcSight to detect when there is an exploit, he said. The next logical step is to create a signature for the attack type, and load it into an IPS--such as TippingPoint--to block it.
"So you've gone from a state in which you're just generating PDF [reports] and throwing them over the wall to the development organization--but you know how you're vulnerable--to being able to ... block it from happening in the first place," he said.