HP announced Supplier Security Compliance Solution and Distributed Denial of Service (DDoS) Protection Services, claiming they will let customers resolve 92 percent of major incidents within two hours of detection. The features fit into HP's existing Managed Security Services (MSS) and Enterprise Services.
MSS chief technologist at HP, Rhod Davies, told V3 the new Supplier Security Compliance Solution builds on the company's experience to help companies become compliant with governments' data handling and security laws.
"This grew out of the deployment of one of HP's biggest UK customers. We've been doing that supplier management for them and it we learned a lot of lessons and have expanded to offer it to our other customers," he said.
He added the compliance tool will also help customers boost security across their supply chain. "Quite a few recent attacks have been not against the organisation itself but against their supplier, because it's easier to get around and in through them. So one of our announcements is a series of consulting services that will help. It starts off by letting you see what the threats are and what controls you should have in place, and ultimately offers you the option to have HP run that supply chain compliance," said Davies.
HP's DDoS Protection Services is a key tool built off DDoS protections technology provider Akamai's platform. "The DDoS is a general application that plugs into our existing managed services. The underlying platform is Akamai's anti-denial of service technology, but we've put a management wrapper around it to make it integrate with the other management services we deliver," he said.
As well as the new services, HP also unveiled its next-generation portfolio of anti-hacker technologies. Key additions include the HP Threat Central, SureStart tools and TippingPoint Next-Generation Firewall (NGFW) services.
Davies explained that HP Threat Central is a community-sourced security intelligence platform designed to increase the amount of threat data being shared by businesses. He added it is an essential step in the firm's ongoing battle to combat the recent wave of advanced attacks being created by cyber criminals.
"We've seen attackers that have their own ecosystem, where they can more or less plug together modules and are specialising in specific forms of attack, and collaborating and sharing information. The attack side has become that much more sophisticated while on the defence side. I think it's fair to say a lot of security professionals live in their own little bunkers and don't exchange information," he said.
"This is partly because they're too busy and partly because they're worried about the information they're trying to protect potentially being shared with the competition. We need to step up the level of collaboration."
The centre is aided by HP's upgraded HP ArcSight and HP Fortify security technologies. The technologies are designed to scan network activity and date to offer customers real-time application-level threat detection. Davies listed HP SureStart, as another key service that will help companies future-proof themselves against attacks on machines basic input/output system (BIOS).
"For quite a while now there have been various security researchers playing with the idea, ‘What could I do if I subverted the BIOS?' Attackers started off targeting the operating system now they're trying to get under it so, seeing what they could do if they get into the BIOS. SureStart is a technology going into our Elite range of PCs and will help protect against subversion of the BIOS. That's a really pointed technology attack and solution," he said.
Finally HP's TippingPoint NGFW is designed to block new risks introduced by cloud and mobile. The expanded tools and services follow a wider push by HP to increase its presence in the enterprise security market. HP recently released its new Fortify Static Code Analyzer 4.0, claiming the tool will improve companies' software security assessment speeds tenfold.
No comments:
Post a Comment