HP Delivers Actionable Security Intelligence to Reduce Business Risk
SAN FRANCISCO, CA, Feb 26, 2013 (MARKETWIRE via COMTEX) --
HP (NYSE: HPQ) today announced the formation of the HP Security
Research (HPSR) organization, a new group that will provide
actionable security intelligence through published reports, threat
briefings and enhancements to the HP security product portfolio.
The company also released findings from its annual HP Cyber Security
Risk Report, providing insight into the vulnerability landscape with
a range of data covering technologies such as web and mobile.
As part of the HP Enterprise Security Products (ESP) business unit,
HPSR will lead HP's security research agenda, leveraging existing HP
research groups, including HP DVLabs, a research organization focused
on vulnerability discovery and analysis, and HP Fortify Software
Security Research, which is focused on developing software security
practices. HPSR also will manage the Zero Day Initiative (ZDI), which
focuses on identifying software flaws that have led to cyberattacks
and security breaches.
Driving security intelligence research into product offerings
focus of HPSR is to provide research that directly influences the
development of the HP ESP portfolio. As such, HP has enhanced its HP
Reputation Security Monitor (RepSM) 1.5, which protects clients
against advanced threats by leveraging data feeds directly from HPSR.
These data feeds enhance the identification of peer-to-peer network
use and improve detection of potential spear phishing and spam
floods, while also recognizing patterns over time, such as
reconnaissance scans and abnormal activity levels.
The new HP RepSM enables clients to defend against sophisticated
attacks by detecting dangerous interactions with ill-reputed sites to
prevent a breach. After a breach occurs, the solution identifies the
infected assets, communicating with ill-reputed command and control
centers, before intellectual property is leaked.
For midmarket organizations with large volumes of data and limited
resources, HP ArcSight Express 4.0 combines security information and
event management (SIEM), log management, and user activity monitoring
in an out-of-the-box solution, including connectors to HP ArcSight
IdentityView and HP RepSM. The solution simplifies the collection,
analysis and management of security events quickly and
Clients can be up and running in minutes, quickly gaining insight
into potential security threats by pulling information from hundreds
of data sources. The solution also monitors user and application
activity for security anomalies, such as suspicious behavior.
HP research identifies security risks, helps organizations assess
HP today released the HP 2012 Cyber Security Risk
Report. The annual report provides security intelligence to
organizations so that they can best deploy their resources to
minimize security risk.
Highlights from the report include:
-- Total vulnerabilities are on the rise
-- Disclosures grew 19 percent from 6,844 in 2011 to 8,137 in 2012
-- 2012 disclosures remain 19 percent lower than the peak in 2006
-- Critical vulnerabilities declined, but still pose significant risk
-- Critical vulnerabilities fell from 23 percent in 2011 to 20
percent in 2012
-- One in five vulnerabilities still give attackers total control of
-- Well-known web vulnerabilities remain prevalent in 2012
-- Four web vulnerability categories made up 40 percent of 2012
-- Vulnerabilities exploited by clickjacking are still ubiquitous
-- Less than 1 percent of URLs tested leverage standard mitigation
after more than a decade
-- The rate of mobile vulnerabilities continues to increase rapidly
-- Mobile vulnerabilities rose 68 percent from 158 in 2011 to 266 in
-- 48 percent of mobile applications tested in 2012 gave unauthorized
-- Mature technologies introduce continued and evolving risk
-- Vulnerabilities in SCADA systems rose 768 percent from only 22 in
2008 to 191 in 2012
In addition to the annual risk report, HPSR will publish reports that
provide the most current security intelligence available, ensuring
organizations understand and proactively respond to potential
security threats. HPSR will deliver this research through biweekly
threat briefings, as well as free summary briefings available to the
public on HP's website and iTunes. Premium vertical- and
client-specific briefings will be available to paid subscribers.
"Organizations need the latest in security research to effectively
prevent, detect and combat the growing number of sophisticated
threats," said Art Gilliland, senior vice president and general
manager, Enterprise Security Products, HP. "HP empowers clients to
address the most advanced threats by combining access to a global
network of security experts and published research with the power of
that expertise built directly into our products and services."
Pricing and availability
HP RepSM 1.5 will be available worldwide on
March 31. HP ArcSight Express 4.0 will also come with a free trial
version of HP RepSM.
HP's premier Americas client event, HP Discover, takes place June
11-13 in Las Vegas.
HP creates new possibilities for technology to have a
meaningful impact on people, businesses, governments and society. The
world's largest technology company, HP brings together a portfolio
that spans printing, personal computing, software, services and IT
infrastructure to solve customer problems. More information about HP
is available at http://www.hp.com.
This news release contains forward-looking statements that involve
risks, uncertainties and assumptions. If such risks or uncertainties
materialize or such assumptions prove incorrect, the results of HP
and its consolidated subsidiaries could differ materially from those
expressed or implied by such forward-looking statements and
assumptions. All statements other than statements of historical fact
are statements that could be deemed forward-looking statements,
including but not limited to statements of the plans, strategies and
objectives of management for future operations; any statements
concerning expected development, performance, market share or
competitive performance relating to products and services; any
statements regarding anticipated operational and financial results;
any statements of expectation or belief; and any statements of
assumptions underlying any of the foregoing. Risks, uncertainties and
assumptions include macroeconomic and geopolitical trends and events;
the competitive pressures faced by HP's businesses; the development
and transition of new products and services and the enhancement of
existing products and services to meet customer needs and respond to
emerging technological trends; the execution and performance of
contracts by HP and its customers, suppliers and partners; the
protection of HP's intellectual property assets, including
intellectual property licensed from third parties; integration and
other risks associated with business combination and investment
transactions; the hiring and retention of key employees; assumptions
related to pension and other post-retirement costs and retirement
programs; the execution, timing and results of restructuring plans,
including estimates and assumptions related to the cost and the
anticipated benefits of implementing those plans; the resolution of
pending investigations, claims and disputes; and other risks that are
described in HP's filings with the Securities and Exchange
Commission, including HP's Annual Report on Form 10-K for the fiscal
year ended October 31, 2012. HP assumes no obligation and does not
intend to update these forward-looking statements.
Copyright 2013 Hewlett-Packard Development Company, L.P. The
information contained herein is subject to change without notice. The
only warranties for HP products and services are set forth in the
express warranty statements accompanying such products and services.
Nothing herein should be construed as constituting an additional
warranty. HP shall not be liable for technical or editorial errors or
omissions contained herein.
[ InfoTech Spotlight's Homepage ]