This document provides an overview of HP Enterprise Security Products. It discusses how HP addresses security challenges through technologies that harden attack surfaces, improve risk remediation, and proactively protect information. It also summarizes HP's security research capabilities, which include over 1,650 researchers, collaboration with 2,000 customers, and continuously finding more vulnerabilities than other vendors. The goal is to provide intelligent, adaptive, and scalable security management solutions backed by global security intelligence.

1. Enterprise
Security Discussion
Ranndeep Singh Chonker, Country Manager
Enterprise Security Products
November, 2013

2. HP Enterprise Security Products
HP Security Technology
#1 In all markets
where we compete
#2
9 out of 10
Major banks
HP Security SaaS
2.5B
lines of code
under SaaS
subscription
HP ESP Customers
New Technologies
10000+ Customers
Managed
900+ Security
Services
35
Released in
the last 12
months
9 out of 10
10 of 10
All Major Branches
Top software companies
Top telecoms
US Department of Defense

3. Business focus on security challenges
Today, security is a
board-level agenda item

4. Trends driving security investments
Primary Challenges
1
A new market adversary
Nature & Motivation of Attacks
(Fame  fortune, market adversary)
Research
Infiltration
Discovery
Capture
Exfiltration
Delivery
Traditional DC
2
Transformation of Enterprise IT
(Delivery and consumption changes)
Private Cloud
Managed Cloud
Network Storage Servers
Consumption
Virtual Desktops
Notebooks
Tablets
Policies and regulations
3
Regulatory Pressures
(Increasing cost and complexity)
Public Cloud
Basel III
DoD 8500.1
Smart phones

5. The adversary ecosystem
Research
Infiltration
Discovery
Their
ecosystem
Our
enterprise
Capture
Exfiltration

6. Build capability to disrupt their ecosystem
Educate users / use
counter
Research
intelligence
Block adversary
Infiltration
access
FindDiscovery
and remove
adversary
Their
ecosystem
SecureCapture
the
important asset
Plan to mitigate
Exfiltration
damage
Our
enterprise

7. HP addresses three major capability weaknesses:
Harden the attack surface
Improve risk remediation
Proactively protect information
Identify, improve and reduce the
vulnerability profile of enterprise
applications and systems
Turn information to intelligence
and more quickly see, find and
stop known and unknown threats
Proactively find, understand
and protect sensitive information
across the enterprise

8. The Problem: Adversary evolution targets applications
Networks
Hardware
Applications
Intellectual
Security Measures
Property
•
•
•
•
•
•
•
•
•
•
Switch/Router security
Firewalls Customer
NIPS/NIDS Data
VPN
Net-Forensics
Business
Anti-Virus/Anti-Spam
Processes
DLP
Host FW
Host IPS/IDSTrade
Vuln. Assessment tools
Secrets

9. Application defense: Find, Fix, Fortify
1
2
Embed security into
SDLC
In-house
Outsourced
Commercial
3
Enact an application
security Gate
Open source
Improve SDLC policies
Monitor and protect
software running in
Production

10. The Problem
Cloud
Too much data
Virtual
Too many security
solutions
Physical
NO integrated
intelligence
1000+ Security Vendors

11. HP ArcSight Intelligence Platform
A comprehensive platform for monitoring modern threats and risks, augmented
by services expertise and the most advanced security user community, Protect724
• Establish complete visibility
Event
Correlation
User
Monitoring
Fraud
Monitoring
Data
Capture
Log
Management
Controls
Monitoring
App
Monitoring
• Analyze events in real time to deliver insight
• Respond quickly to prevent loss
• Measure security effectiveness across people,
process, and technology to improve over time

12. The Problem
Traditional network security controls are no longer enough
Sophisticated Threats
Web Server
Borderless Networks
Threat Vector Sprawl
Operating
Systems
Enterprise
Networks
App Proliferation
Encryption Everywhere
Mobile
Virtual and
Cloud Data
Centers

13. The Solution:
Intelligent, Adaptive, Scalable
Security Management System
Dirty Traffic
Goes In
Clean Traffic
Comes Out
IPS Platform
Designed for today’s and tomorrow’s security demands and services
Proactive
Security
Costs
• In-line reliability
• Leading security research
• Quick to deploy
• High throughput/ low latency
• Fastest coverage
• Automated threat blocking
• Filter accuracy
• Broadest coverage
• Easy to manage

14. Security solutions backed by global security research
•
•
1650+ Researchers
•
2000+ Customers sharing data
•
Leading security research
•
Ecosystem
Partner
SANS, CERT, NIST, OSVDB, software & reputation vendors
Continuously finds more vulnerabilities
than the rest of the market combined
•
Collaborative effort of market leading teams:
DV Labs, ArcSight, Fortify, HPLabs, Application Security Center
•
Collect network and security data from around the globe
HP Global Research
ESS
FSRG

15. HP Security Research Priorities
Innovative Research
Driving ESP Security Strategy
• Experts in vulnerability,
malware, threat actor, and
software security research
• ZDI and other communities
• Globally-distributed team
from top universities
Actionable Security
Intelligence
• Content powers ArcSight,
Fortify, and TippingPoint
• Intelligence delivered direct
to end-users and the public
• Bi-weekly threat briefings on
the web and iTunes
Publication
On Critical Topics Today
• Publications on research
spanning the ESP portfolio
• Speaking at top security
conferences / tradeshows
• Trusted-source for advice on
enterprise security

16. Make it matter.