Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Day 3 p2 - security


Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

Day 3 p2 - security

  1. 1. HP Enterprise SecurityAarij M KhanDirector of Product MarketingHP Enterprise Security Products©2011 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice
  2. 2. The Problem
  3. 3. Mega trends Evolving Business Models Technology Advancements Changing Workforce3
  4. 4. IT architectures are evolving rapidly…. Users Users Users Users Application Application Application Application Platform Platform O/S O/S Network Mobile Physical IaaS PaaS Backend New architecture create security challenges Transparent Abstracted Security protection must focus on users and applications
  5. 5. Cyber crime is increasing…Threat and risks are expanding in frequency and intensity
  6. 6. And traditional security solutions are falling short! Technology Information Application Scanning End Point Firewall Applications IPS Network Scanners SIEM Compliance Anti-X User Web IT Operations Traditional Solutions Bolted On Architecture-Specific Lacking Automation Bolted On Limited Context Architecture-Specific Lacking Automation Limited Context Multiple Technologies Lots of Information No Intelligence
  7. 7. SECURITY IS A MAJOR CIO CHALLENGEAttack surface has grown as control & visibility have declined 26% more pressing than closest challenge for cloud adoption7 © Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  8. 8. The Solution
  9. 9. HP Business Risk Management Strategy Using Security Intelligence Platform Business Risk management & compliance Security IT Mobile Users Rollup to Users security intelligence Applications Applications Virtual Unify the security Data Data layers Integrate Systems Systems Cloud Security & IT management Networks Networks9
  10. 10. HP Enterprise Security• 1,500 security professionals from ArcSight, Fortify and TippingPoint teams• 1,500 security professionals in HP Enterprise Security Services• Top five security company by market share (leader in SIEM, Log Mgt, AppSec, Network Security)Magic Quadrant for Network Intrusion Magic Quadrant for Static and Dynamic Magic Quadrant for Security InformationPrevention Systems Application Security Testing and Event ManagementDecember 2010. December 2010 and December 2011. May 2011. =HP The Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from HP.
  11. 11. HP has the only security intelligenceplatform that gives clients the insight to proactivelymanage their specific enterprise threats and risks.
  12. 12. HP Security Intelligence Platform The only security intelligence platform that gives clients the insight to proactively manage their specific enterprise security threats and risks Establish complete visibility Security Intelligence Platform IT PERFORMANCE SUITE across all applications and systems Information InformationContextual Information Analyze vulnerabilities in applications and operations Complete Visibility to understand risk Research-Backed Respond adaptively to build defenses against theAutomated, Proactive & Adaptive Operations Application exploitation of vulnerabilities Measure security effectiveness Hybrid (Physical/Virtual/Cloud) and risk across people, process, and technology to improve over time ENTERPRISE SECURITY SERVICES 12 Enterprise Security – HP Confidential
  13. 13. ESP Security SolutionsUniversal Log Regulatory Proactive Insider ThreatManagement Compliance Network Security Intelligence Advanced Threat Privacy Breach Data Leakage Application Intelligence Intelligence Monitoring Security
  14. 14. The Product SolutionsEnterprise Security – HP Confidential 14
  15. 15. INDUSTRY LEADING HP SECURITY SOLUTIONS Magic Quadrant for Network Magic Quadrant for Static Magic Quadrant for Security Intrusion Prevention Systems Application Security Testing Information and Event Management 6 December 2010. 13 December 2010. 13 May 2011. =HP The Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from HP.1 © Copyright 2011 Hewlett-Packard Development Company, L.P.5 The information contained herein is subject to change without notice.
  16. 16. Information HP ArcSight Solution Architecture A comprehensive platform for monitoring modern threats and risks, augmented by services expertise and the most advanced security user community, Protect724Establish complete visibility Event CorrelationAnalyze events in real time to deliver insight User ControlsRespond quickly to prevent loss Monitoring Monitoring Data CaptureMeasure security effectiveness across Fraud Apppeople, process, and technology to improve Monitoring Monitoringover time Log Management
  17. 17. HP TippingPoint Network Defense System Operations ApplicationsA complete set of security solutions that address todays advanced securitythreats at the perimeter and core of your business. Scalable Infrastructure to address current and future security deployment Next Gen IPS Next Gen Firewall models (NG IPS/FW) Dynamic Analytics and policy Net Network Defense deployment with real time (NG Mgmt) System wrk Predictive Intelligence to proactively address current and future threat activity DVLabs Next Gen Mgmt (DV Labs) Research
  18. 18. HP Fortify Software Security Center ApplicationsIdentifies and eliminates risk in existing applications and prevents the introductionof risk during application development, in-house or from vendors. Protects business critical applications from advanced cyber attacks by removing security vulnerabilities from software In-house Outsourced Accelerates time-to-value for achieving secure applications Increases development productivity by enabling security to be built into software, rather than added on after it is deployed Delivers risk intelligence from application development to improve operational security Commercial Open source Enterprise Security – HP Confidential
  19. 19. A real world example: RSAEnterprise Security – HP Confidential 19
  20. 20. What happened in the RSA breach? Finance person receives Opens to see 2012 Recruitment RAT program installed utilizing a junk email plan with .xls file Adobe Flash vulnerability NMAP scan of network to collect sensitive information Poison Ivy malware is initiated Collect data over a Split file, encrypt, ftp to RSA is in the headlines period of time
  21. 21. What if RSA was using HP ESP solutions?1 2 3 Finance person receives Security model is broken with Use HP TippingPoint Recruitment Opens to see 2012 solutions to UseRAT program installed to eliminate HP Fortify solutions utilizing bolted on a junk email security at every layer block traffic from malicious senders plan with .xls file Adobe Flash vulnerability vulnerabilities in applications 5 4 Use HP ArcSightof network to NMAP scan solutions to correlate Use HP TippingPoint solutions to block roles and responsibilities against tasks collect sensitive information malicious Ivy malware is initiated Poison payload at the perimeter 6 Use HP ArcSight solutions to monitor Collect data over a and 7 Use HP TippingPoint HPblock traffic to to Split file, encrypt, ftp to to 8 Effective Enterprise your users, applications, malicious domain and ArcSight RSA is in the headlines Security! period of time infrastructure correlate access login/logout with network
  22. 22. Intelligent ESP IntegrationsEnterprise Security – HP Confidential 22
  23. 23. Secure Application Lifecycle Management Fortify intelligence integrated with HP ALM and HP Quality Center• Software Security Center or WebInspect submits security vulnerabilities to HP Application Life Cycle Management (ALM) or HP Quality Center as defects• Security Vulnerabilities can then be managed as software defects by development teams• Software Security Center remains the system of record for security vulnerabilities – Enables development teams to manage security vulnerabilities just like any other defect – Formalizes workflow for addressing security vulnerabilities – Improves security assurance for applications
  24. 24. Reputation Security Monitor Identify bots and quarantine devices for remediation ThreatLinQ RepDV LightHouse Events Filters Malware Analysis1) Connection activity is Updates to ESM via ThreatLinQ reported by FW. ESM correlates coms to C&C 3) SMS sends action set to IPS. via RepDV to internal 1 Endpoints are now blocked and private IP and user ID’s quarantined for remediation 2) ESM instructs SMS to quarantine internal endpoints for remediation 2 Policy Mgmt (SMS) 3 3 1 4 4) Identity based reporting IPS IPS provides visibility to endpoint Correlation Zone infection by dept/groups Enforcement Zone
  25. 25. Adaptive Web Application Firewall (WAF) TechnologyAdaptive technology to protect web applications HP WebInspect Scan 1• What it is Internet – Advanced web application scanning to uncover 3 vulnerabilities combined with adaptive IPS response – WebInspect information passed to WebAppDV to auto- SSL generate IPS filters for virtual vulnerability patch 4 IPS• Benefits 2 – Protection for custom and commercial web applications Vulnerability Report – Inspection of encrypted and non-encrypted traffic (ideal for web commerce apps) – Elimination of tuning required by legacy WAFs Vulnerability Page and Parameter
  26. 26. Why HP Enterprise Security Products• Industry-leading, automated security solutions and visibility – ArcSight, Fortify, TippingPoint all MQ Leaders/Best in Class – Security intelligence delivered in context – Trusted, proactive and automated action – Cloud-ready• Worlds best research for security intelligence and risk management – Best in class application security and network security research – Discovers more vulnerabilities than the rest of the market combined• Integrated with leading IT operations solutions – Universal Log Management tied to Systems Event Management – Enhanced asset and threat modeling – A key component of the HP IT Performance Suite27
  27. 27. THANK YOUEnterprise Security – HP Confidential 28