Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
 
News

IT security analytics products released at conference

Hewlett Packard : 03 September, 2015  (New Product)
HP has released new products at the HP Protect event focused on shifting the emphasis of IT security towards an analytics approach
IT security analytics products released at conference

At HP Protect, Hewlett Packard’s annual enterprise security user conference, the company is unveiling new products focused on security analytics and designed to help organisations shift from legacy security methods to a modern approach that focuses on protecting the interactions among users, applications and data to help protect enterprises’ most valuable assets.

Organisations are inundated with security data on a daily basis and face the challenge of translating this data into meaningful insights to proactively manage threats that pose legitimate risk. With the growing volume and complexity of data, an intelligent security platform is critical – one that harnesses the power of world-class Security Information and Event Management (SIEM) capabilities for active monitoring with use-case driven security analytics that derive actionable intelligence.

"Breach detection is top of mind for security buyers and the field of security technologies claiming to find breaches or detect advanced attacks is at an all-time noise level," said Eric Ahlm, research director at Gartner, in a recent Gartner press release. "Security analytics platforms endeavour to bring situational awareness to security events by gathering and analysing a broader set of data, such that the events that pose the greatest harm to an organisation are found and prioritized with greater accuracy."

Organizations receive an average of 17,000 malware alerts per week, and spend an average of $1.27 million annually in time and resources responding to inaccurate and erroneous threat intelligence. Due to the volume of data that enterprise security professionals must monitor, approximately four percent of all malware alerts are actually investigated, leaving a significant gap in security coverage. Additionally, traditional endpoint security software and manual intervention are not intercepting all critical malware infections, leaving organisations further exposed.

To help automate the analysis of threat data, HP is introducing HP DNS Malware Analytics (DMA), a product designed to identify infected hosts by inspecting an enterprise’s DNS traffic. Developed in partnership with HP Labs, HP’s central research organisation, and HP’s internal Cyber Defence Centre, this clientless, algorithmic-driven service uncovers infected hosts without endpoint agents, helping customers to detect high-risk threats quickly, reduce data breach impact and enhance the overall security posture.

“Organisations today are faced with growing volumes of security data and without the ability to separate the signal from the noise they can fall victim to undetected malware attacks, which can have serious financial and operational impact,” said Sue Barsamian, senior vice president and general manager, Enterprise Security Products, HP. “The new HP DNS Malware Analytics solution effectively puts the data science necessary to derive malware detection from voluminous DNS server events into a simple, highly efficient package for customers large and small, and when combined with the powerful HP ArcSight SIEM platform, provides next-generation SIEM capabilities to better protect the enterprise.”

HP DMA rapidly identifies malware-infected hosts such as servers, desktops and mobile devices so that they can be contained before gaining a foothold in the network. The solution uses a one-of-a-kind, algorithmic engine – as opposed to the more common rules-based approach – to analyse the high volume of DNS records. This enables the detection of new, unknown malware while simultaneously reducing false positives by a factor of 20 over other malware detection systems3. This saves valuable IT time and resources, enabling customers to prioritise and remediate based on the highest risk devices.

With simple set-up and cloud reporting, HP DMA can be rapidly deployed to offer continuous threat vigilance. The product seamlessly integrates with the HP ArcSight SIEM platform, enabling customers to harness the power of SIEM and use their HP ArcSight Enterprise Security Management (ESM) deployments to correlate with other contextual data, issue alerts and signal appropriate remediation.

Integrating Application Security Data for Enhanced Intelligence

To further support HP’s focus on data-driven security, HP also introduced HP Fortify scan analytics, a first-of-its kind machine-learning technology that harnesses the power of an organisation’s application security data to improve accuracy and efficiency of application security products. Processing an organisation’s growing collection of historical application security scan results to reduce the number of issues that require an auditor’s review, the product enables customers to focus resources on fewer, higher priority tasks. This analytics technology integrates seamlessly into existing application security testing workflows, which helps to increase both the efficiency of the application security audit process and the relevancy of findings.

Using Predictive Analytics to Accelerate Detection of Insider Threats

The new HP DMA and Fortify scan analytics offerings bolster HP’s existing analytics capabilities announced earlier this year around user behaviour analytics. HP User Behaviour Analytics (UBA) provides customers visibility into user behaviour to detect malicious or negligent users, or external attacks that compromise user accounts across the enterprise. Ranking detected anomalies and the associated risk, HP UBA allows customers to focus efforts and resources on the activities, users and applications that pose the greatest risk to the enterprise.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo