HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms—unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Webinar: HP and Paladion speak about security operations through ArcSight Logger

ArcSight Logger 6.0 is the fastest search engine on the planet for machine data today. This universal log management solution collects, stores, and analyzes all of your Big Data for security event management. Join us for a free webinar on how ArcSight Logger unifies your entire IT data through a unique technology called normalization and categorization, and then stores and analyzes years’ worth of data for multiple use cases.

HP ArcSight partners with Guidance Software to identify the most critical threats

HP ArcSight partners with Guidance Software to identify the most critical threats. The new bundled solution is designed for small to medium-sized organizations, both those at entry level for security and those that plan to build a sophisticated SOC. HP ArcSight Express is a high-performance SIEM solution that correlates security events in real time to detect threats. When you combine the best of both worlds, auto-prioritization of events and a high-performance SIEM, organizations get a simple and powerful automated solution to combat cyber threats.

Identify and monitor ShellShock vulnerability through HP ArcSight content pack

Our Professional Services team has done a huge amount of work to help with this very quickly by building a content pack that will help you identify the ShellShock vulnerability and monitor the bash bug. We are very proud to make this available to our HP ArcSight community, quickly.

The content is primarily based on two rules:

  1. /All Rules/Public/Shellshock/Sysdig Shellshock Exploit Detected
  2. /All Rules/Public/Shellshock/Shellshock Bash Vulnerability Detected

 

The Sysdig Shellshock Exploit Detected rule looks for events from the Sysdig utility to identify devices as they are probed or attacked with the Shellshock exploit.

 

The Shellshock Bash Vulnerability Detected rule looks for events where one of the Shellshock vulnerabilities (CVE-2014-6271, CVE-2014-7169 or Nessus - 14272) is referenced.

 

The Shellshock dashboard gives an overview of the recent Shellshock events reported, as well as a listing of the assets that have been tagged with one of the Shellshock vulnerabilities.

Don't be Shell Shocked! HP ArcSight appliance does not use CGI

 

If you are one of the 10,000 ArcSight customers, follow these steps to safeguard against the Shell Shock vulnerability through HP ArcSight.

  1. Install and configure sysdig, an open source utility used to monitor and analyse system state activity
  2. Configure RHEL where ArcSight ESM is installed to prepare to push the ShellShock content
  3. Apply the sysdig flexconnector that will parse events from sysdig
  4. Install ShellShock content pack from ArcSight support
  5. ArcSight is ready to monitor logs for potential attacks and exploits

 

 

HP ArcSight Logger for David and Goliath

15 tons of ArcSight Logger were shipped to a large enterprise IT the same day a small healthcare company in India bought Logger to manage just 25 users. HP ArcSight shipped its log management solution for both David and Goliath the same day.

We have been overwhelmed with the positive response we are getting for our brand new HP ArcSight Logger 6.0 that we released last week. You can read about the all-new Logger on this post, but just to summarize, it is a universal log management solution that has the best performance to price in the market.

Demo of the all-new static correlation functionality with HP ArcSight Logger 6.0

The all-new HP ArcSight Logger has many new features, including the brand new static correlation through file lookup. It means that you simply download a CSV file with records and Logger can correlate the search data with the file lookup. Unlike a SIEM solution, which does real-time correlation of security events across devices, Logger does static correlation. Check out these video demos built by Paul Brettle, who is our security architect for Logger.

Introducing all-new HP ArcSight Logger 6.0, bringing you the best performance/price

HP today introduced HP ArcSight Logger 6.0, the latest release of its universal log management solution that unifies collection, storage, and analysis of machine data to consolidate security and compliance. A core part of the HP ArcSight leading Security Information and Event Management (SIEM) portfolio, HP ArcSight Logger 6.0 offers enhanced scalability to handle eight times more data at 10 times higher performance than the previous version(1) to deliver continuous monitoring and high-speed contextual forensic investigation capabilities.

HP Protect--It's time to network with your security peers

HP Enterprise Security is dedicated to helping you build a proactive, intelligence-based risk management environment; attending the HP Protect event is only the beginning. Read this blog for more info on 2 of the track keynotes that you can attend.

Fill out the 'Security Analytics and Intelligence' Survey and shape the future of the security industry

In 2013 SANS conducted its first analytics and intelligence survey. In this follow-up, the SANS 2014 survey will derive a deeper understanding of the functional role of intelligence and analytics in the enterprise security management infrastructure. It will also delve further into which tools are implemented, the role of outside third-party service providers and whether or not intelligent analysis is improving an organization's ability to detect, defend and investigate attacks in their networks.

HP Protect--Which security sessions will you attend?

HP Protect is right around the corner, and there are so many sessions to choose from--over 150, to be exact. Read this blog to see a glimpse of what we're offering, and find the link to the full session catalog! We'll see you in D.C.!

Security Operations Maturity: The Sweet Spot

On a maturity scale of 0 to 5, you should aim for a 3? That is exactly right.

Read on to find the sweet spot of security operations maturity in this new infographic.

Tags: siem| SIOC| SOC
Labels: ArcSight

Characteristics of a successful SOC

Do you know the fastest path to building a capable SOC? HP has accumulated the largest dataset of its kind to answer that exact question. Here are the top 10 do’s and don’ts of a successful SOC.

A guest post by JC Zapata, HP Security PMM

Labels: ArcSight

What does it take to create a security operations capability?

Want to learn what it takes to create a security operations capability? Don’t miss this opportunity to learn the ins and outs of making your security organization successful with the “Security Operations Workshop” at HP Protect 2014.

Labels: ArcSight

HP ArcSight introduces all-in-one SIEM virtual appliance

HP ArcSight recently introduced an all-in-one security incident and event management (SIEM) virtual appliance to enable simple, rapid deployment of security analytics. As the threat landscape grows increasingly complex, the appliance detects threats and attacks in real-time – providing security professionals with insight into security events through a single intuitive interface. Pre-built rules, reports, and dashboards bring clarity to security and compliance analytics – offering valuable intelligence to keep your organization safe.

Labels: ArcSight

HP ArcSight is named a leader for SIEM in the Gartner MQ 2014

More than a decade in the leaders quadrant – and there’s no slowing down. HP ArcSight is a Security Information and Event Management (SIEM) leader in the Gartner Magic Quadrant (MQ). HP ArcSight is named a leader again, for the 11th year in a row.

Labels: ArcSight

How HP Enterprise Security Products confronts the security industry’s communication gap

Two of the greatest security challenges that organizations face are discovery of vulnerabilities and communication of results. One way HP Enterprise Security Products (HP ESP) is confronting these issues is via our product integrations.

Read on to learn more about how we're bringing together different security technologies to create a holistic method of security that realistically deals with how attacks occur in the real world. 

HP’s Cyber Defense Center: A new frontier of innovation for enterprise security

After analyzing over 90 Security Operations Centers and accumulating the largest dataset of its kind, HP has taken industry best practices and lessons learned and applied them to our very own Cyber Defense Center (CDC). Learn more in the article.

A guest post by JC Zapata, HP Security PMM

Labels: ArcSight

HP Enterprise Security Products on tour!

HP Enterprise Security Products is rolling out a series of HP Enterprise Security User Forums. The first stop is in Boston, MA on June 17th. This is not only a great opportunity to hear HP ESP’s comprehensive philosophy regarding how to secure your organization, but also a chance to earn CISSP credits at the same time. To register for the event, visit the Boston User Group registration page. And for more information about the agenda and our focus, read the entire article.

Viva Las Vegas! HP Enterprise Security Products represent at HP Discover 2014

After a year of record setting data breaches and critical vulnerabilities, there’s no denying in 2014 that security is a topic of concern. It should be no surprise, then, that security is of high importance at this year’s HP Discover event and a key part of HP’s ongoing strategy. Key security sessions include an examination of how companies need to rethink their security mindset and start developing the strategies necessary to combat highly organized and dangerous real world adversaries and a discussion regarding what the latest vulnerability research reveals about the current vulnerability landscape. For more information about those sessions and the host of other security events occurring during HP Discover, read the article.

SIEM is NOT dead, SIEM means never having to say 'sorry'

SIEM is NOT dead, SIEM means never having to say 'sorry'. We have been leading the market, technology, and industry for as long as SIEM has existed. We have been recognized by Gartner in the leaders quadrant every year. In fact, we have been leaders for more years than anyone has been in the MQ consistently. This blog is about the top 10 use cases of SIEM that hundreds of thousands of customers are using through SIEM technology.

For more information on how SIEM continues to drive innovation in the security industry, attend my session at the Discover DF3968. My session starts on Wednesday, Jun 11, 2014 between 11:15 AM - 11:45 AM.

 

 

Labels: ArcSight

Getting started with FREE trial version of HP ArcSight Logger

HP ArcSight Logger delivers a cost-effective universal log management solution that unifies searching, reporting, alerting, and analysis across any type of enterprise machine data. Read this to get your free trial.

What's new with HP ArcSight Logger 5.5? It is the fastest Logger ever!

HP ArcSight Logger is an enterprise ready, universal log management solution that is truly borderless in collecting, analyzing, and storing Big Data. The new Logger 5.5 comes with an accelerated search on the most frequently used fields, up to 1000x faster than the previous version.

 

HP Software announces: Discover 2014 Awards of Excellence – Enterprise Security Winners

HP Software has announced the winners of the Discover 2014 Awards of Excellence. These have been brought to you by the HP Software Americas Marketing team. This award recognizes the quantified improvements and corresponding business benefits achieved using HP Software solutions within 8 categories

Labels: ArcSight

A sneak peek at the future of security with HP Labs

Today’s enterprises generate terabytes of security event data. These volumes are increasing exponentially as the security landscape grows ever more complex. But how can you turn this data into actionable security insight?

CARVER Analysis – Are you defending the right things?

Are you defending what the bad guys are really going after or just what YOU consider critical? Use CARVER analysis to tell the difference. This technique has been used by irregular forces since WW2 for target selection and defense and it applies well to defending your enterprise.

Big Data Security Analytics Part 3: Data science & Putting Structure to the Problem

It’s Part 3 of the Big Data Security Analytics series! Now is the time to discuss how to answer security questions based on the disciplines of data science.

Labels: ArcSight| haven

Big Data Security Analytics Part 2: Security Analytics Results From a Combination of Tools

Welcome to Part 2 of the Big Data Security Analytics series! In this post, we’ll discuss tools and build approaches.

Labels: ArcSight
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.