HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and carry out a host of other malicious acts. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms, unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

It's National Cyber Security Awareness month--Here's a treat from HP Enterprise Security

For many of us in the U.S., October means the changing of the leaves, pumpkin-flavored lattes, and candy…lots and lots of candy. But October is also a big month for network security, as it’s Cyber Security Awareness Month.

Labels: TippingPoint

How to talk to your Board of Directors about Security

Have you spoken to your board about the security of your enterprise?

HP CEO Meg Whitman offers some tips.

HP ArcSight partners with Guidance Software to identify the most critical threats

HP ArcSight partners with Guidance Software to identify the most critical threats. The new bundled solution is designed for small to medium-sized organizations, both those at an entry level for security and those that plan to build a sophisticated SOC. HP ArcSight Express is a high-performance SIEM solution that correlates security events in real time to detect threats. When you combine the best of both worlds, such as auto-prioritization of events and high-performance SIEM, organizations get a simple and powerful automated solution to combat cyber threats.

What is the cost of cyber crime? Looking past the headlines.

Dr. Larry Ponemon says the headlines don’t tell the whole story about cyber crime. The Ponemon Institute just completed their fifth annual study on the cost of cyber crime to businesses around the world. And some of the most useful results are among the less obvious.

A guest post by

Dr. Larry Ponemon
Chairman and Founder of the Ponemon Institute

Labels: TippingPoint

Identify and monitor ShellShock vulnerability through HP ArcSight content pack

Our Professional Services team has done a huge amount of work to help with this very quickly by building a content pack that will help you identify the ShellShock vulnerability and monitor the Bash bug. We are very proud to make this available to our HP ArcSight community, quickly.

The content is primarily based on two rules:

  1. /All Rules/Public/Shellshock/Sysdig Shellshock Exploit Detected
  2. /All Rules/Public/Shellshock/Shellshock Bash Vulnerability Detected

The Sysdig Shellshock Exploit Detected rule looks for events from the Sysdig utility to identify devices as they are probed or attacked with the Shellshock exploit.

The Shellshock Bash Vulnerability Detected rule looks for events where one of the Shellshock vulnerabilities (CVE-2014-6271, CVE-2014-7169 or Nessus - 14272) is referenced.

The Shellshock dashboard gives an overview of the recent Shellshock events reported, as well as a listing of the assets that have been tagged with one of the Shellshock vulnerabilities.

HP Enterprise Security Products stifles Shellshock

When Heartbleed hit, HP Enterprise Security Products reacted quickly. We’ve done the same with Shellshock, and with good reason. Shellshock can give a random, malicious Internet user a simple method of executing commands on vulnerable web servers. That’s not good, and one of the many reasons the National Institute of Standards and Technology (NIST) gave it a CVSS v2 Base Score rating of 10 out of 10 (for both Impact and Exploitability). For the sake of comparison, with all its bluster Heartbleed was still only a 5. So why is Shellshock so much worse and, once it’s all said and done, in serious contention to be the worst vulnerability of all time? For more information about that and HP ESP's response, read the article.

Shellshock: HP Security handles the aftershocks

Members of HP Security Research and the HP TippingPoint DVLabs team discuss the GNU Bash vulnerability “Shellshock” and how we were able to quickly protect customers.

Labels: TippingPoint

Don't be Shell Shocked! HP ArcSight appliance does not use CGI

If you are one of the 10,000 ArcSight customers, follow these steps to safeguard against the Shell Shock vulnerability through HP ArcSight.

  1. Install and configure sysdig, an open source utility used to monitor and analyse system state activity
  2. Configure RHEL where ArcSight ESM is installed to prepare to push the ShellShock content
  3. Apply the sysdig flexconnector that will parse events from sysdig
  4. Install ShellShock content pack from ArcSight support
  5. ArcSight is ready to monitor logs for potential attacks and exploits

The Security Analyst Skills Gap - Part 1

There are certain truths about Security Analysts:

  • Nearly every business is trying to hire them.
  • Any business who has one is trying desperately to keep them.
  • There are many job seekers lacking the ability to execute as a security analyst.
  • Many organizations have an incomplete understanding of what caliber of good guy they actually need.

Read on to learn how to grow your own security analysts and how to keep them!

HP AppDefender and HP WebInspect updates: GNU Bash vulnerability "Shellshock"

Many GNU Bash vulnerability attack vectors exist, some yet to be discovered and/or disclosed. HP Security continues to work diligently to provide product updates enhancing both protection and remediation.

GNU Bash vulnerability "Shellshock" (CVE-2014-6271): HP TippingPoint update

There's a new bug out there, and it could pose a larger threat than "Heartbleed." Unless, of course, you're an HP TippingPoint customer! Read this blog for HP TippingPoint's response to CVE-2014-6271.

Labels: TippingPoint

HP ArcSight Logger for David and Goliath

15 tons of ArcSight Logger shipped to a large enterprise IT organization the same day a small healthcare company in India bought Logger for just 25 users. HP ArcSight shipped its log management solution for both David and Goliath the same day.

We have been overwhelmed with the positive response we are getting for our brand new HP ArcSight Logger 6.0 that we released last week. You can read about the all-new Logger in this post, but just to summarize, it is a universal log management solution that has the best performance to price in the market.

HP TippingPoint--Leading vulnerability research stats

Each week, the TippingPoint DVLabs team develops new attack filters to address vulnerabilities and incorporates these filters into Digital Vaccines. Here are the advisory numbers for 2006-present, in comparison to other organizations. 

Labels: TippingPoint

Interop NY is around the corner--TippingPoint will be there--will you?

Interop NY is right around the corner, and HP TippingPoint can’t wait! We’re having a launch celebration, and you’re invited. Read this blog for more info.

A guest post by
Elisa Lippincott
HP Enterprise Security Products
Marketing Manager

Labels: TippingPoint

Building an incident response function

Ensure your organization is ready to respond to an incident—with the people, processes, and technology in place to cope with today’s threats.

Demo of the all-new static correlation functionality with HP ArcSight Logger 6.0

The all-new HP ArcSight Logger has many new features, including the brand-new static correlation through file lookup. It means that you simply download a CSV file with records, and Logger can correlate the search data with the file lookup. Unlike a SIEM solution, which does real-time correlation of security events across devices, Logger does static correlation. Check out these video demos built by Paul Brettle, who is our security architect for Logger.

Loyola University Chicago leverages HP TippingPoint Geo-Filtering feature

How do you manage network security for approximately 72,000 devices? HP TippingPoint talked with Brett Weston, Information Security Administrator for Loyola University Chicago, to see how he does it.

Labels: TippingPoint

Introducing all-new HP ArcSight Logger 6.0, bringing you the best performance/ price

HP today introduced HP ArcSight Logger 6.0, the latest release of its universal log management solution that unifies collection, storage, and analysis of machine data to consolidate security and compliance. A core part of the HP ArcSight leading Security Information and Event Management (SIEM) portfolio, HP ArcSight Logger 6.0 offers enhanced scalability to handle eight times more data at 10 times higher performance than the previous version(1) to deliver continuous monitoring and high-speed contextual forensic investigation capabilities.

Don't miss the Bad Guy Lair at HP Protect!

Want to see how credit card breaches happen? How the Internet of Things gets hacked, or how your mobile device can be compromised? Then head over to the Bad Guy Lair at HP Protect. We aren't the bad guys, but we'll show you how to think like one.

Enterprise security: What’s new for the week of September 1 2014

Here’s what’s new in Security Intelligence & Zero-Day Coverage for HP TippingPoint for the week of September 1st.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.