ciso-platform-annual-summit-2013-Hp enterprise security overview


Published on

Presented by Randeep Chonker, HP at CISO Platform Annual Summit, 2013.

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

ciso-platform-annual-summit-2013-Hp enterprise security overview

  1. 1. Enterprise Security Discussion Ranndeep Singh Chonker, Country Manager Enterprise Security Products November, 2013
  2. 2. HP Enterprise Security Products HP Security Technology #1 In all markets where we compete #2 9 out of 10 Major banks HP Security SaaS 2.5B lines of code under SaaS subscription HP ESP Customers New Technologies 10000+ Customers Managed 900+ Security Services 35 Released in the last 12 months 9 out of 10 10 of 10 All Major Branches Top software companies Top telecoms US Department of Defense
  3. 3. Business focus on security challenges Today, security is a board-level agenda item
  4. 4. Trends driving security investments Primary Challenges 1 A new market adversary Nature & Motivation of Attacks (Fame  fortune, market adversary) Research Infiltration Discovery Capture Exfiltration Delivery Traditional DC 2 Transformation of Enterprise IT (Delivery and consumption changes) Private Cloud Managed Cloud Network Storage Servers Consumption Virtual Desktops Notebooks Tablets Policies and regulations 3 Regulatory Pressures (Increasing cost and complexity) Public Cloud Basel III DoD 8500.1 Smart phones
  5. 5. The adversary ecosystem Research Infiltration Discovery Their ecosystem Our enterprise Capture Exfiltration
  6. 6. Build capability to disrupt their ecosystem Educate users / use counter Research intelligence Block adversary Infiltration access FindDiscovery and remove adversary Their ecosystem SecureCapture the important asset Plan to mitigate Exfiltration damage Our enterprise
  7. 7. HP addresses three major capability weaknesses: Harden the attack surface Improve risk remediation Proactively protect information Identify, improve and reduce the vulnerability profile of enterprise applications and systems Turn information to intelligence and more quickly see, find and stop known and unknown threats Proactively find, understand and protect sensitive information across the enterprise
  8. 8. The Problem: Adversary evolution targets applications Networks Hardware Applications Intellectual Security Measures Property • • • • • • • • • • Switch/Router security Firewalls Customer NIPS/NIDS Data VPN Net-Forensics Business Anti-Virus/Anti-Spam Processes DLP Host FW Host IPS/IDSTrade Vuln. Assessment tools Secrets
  9. 9. Application defense: Find, Fix, Fortify 1 2 Embed security into SDLC In-house Outsourced Commercial 3 Enact an application security Gate Open source Improve SDLC policies Monitor and protect software running in Production
  10. 10. The Problem Cloud Too much data Virtual Too many security solutions Physical NO integrated intelligence 1000+ Security Vendors
  11. 11. HP ArcSight Intelligence Platform A comprehensive platform for monitoring modern threats and risks, augmented by services expertise and the most advanced security user community, Protect724 • Establish complete visibility Event Correlation User Monitoring Fraud Monitoring Data Capture Log Management Controls Monitoring App Monitoring • Analyze events in real time to deliver insight • Respond quickly to prevent loss • Measure security effectiveness across people, process, and technology to improve over time
  12. 12. The Problem Traditional network security controls are no longer enough Sophisticated Threats Web Server Borderless Networks Threat Vector Sprawl Operating Systems Enterprise Networks App Proliferation Encryption Everywhere Mobile Virtual and Cloud Data Centers
  13. 13. The Solution: Intelligent, Adaptive, Scalable Security Management System Dirty Traffic Goes In Clean Traffic Comes Out IPS Platform Designed for today’s and tomorrow’s security demands and services Proactive Security Costs • In-line reliability • Leading security research • Quick to deploy • High throughput/ low latency • Fastest coverage • Automated threat blocking • Filter accuracy • Broadest coverage • Easy to manage
  14. 14. Security solutions backed by global security research • • 1650+ Researchers • 2000+ Customers sharing data • Leading security research • Ecosystem Partner SANS, CERT, NIST, OSVDB, software & reputation vendors Continuously finds more vulnerabilities than the rest of the market combined • Collaborative effort of market leading teams: DV Labs, ArcSight, Fortify, HPLabs, Application Security Center • Collect network and security data from around the globe HP Global Research ESS FSRG
  15. 15. HP Security Research Priorities Innovative Research Driving ESP Security Strategy • Experts in vulnerability, malware, threat actor, and software security research • ZDI and other communities • Globally-distributed team from top universities Actionable Security Intelligence • Content powers ArcSight, Fortify, and TippingPoint • Intelligence delivered direct to end-users and the public • Bi-weekly threat briefings on the web and iTunes Publication On Critical Topics Today • Publications on research spanning the ESP portfolio • Speaking at top security conferences / tradeshows • Trusted-source for advice on enterprise security
  16. 16. Make it matter.