HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms—unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Fraudulent chip cards--if you don't check the cryptogram, NO protocol is secure

credit-cards-security_coll.jpgA recent bout of credit card fraud shows charges submitted through the networks as chip-enabled transactions—even though the banks that issued the cards have yet to send customers chip-enabled cards.  Susan Langford, HP Security, Atalla, explains how this can happen. 

Labels: Atalla

The Security Analyst Skills Gap - Part 3

“I’m afraid that if I spend my time training security analysts then they will just qretention.jpguit and go work for my competitor for more money.” Sound Familiar? Finding good security analysts is difficult. Keeping good security analysts is even harder. Read on to see how HP works with organizations to help retain security analysts.

HP TippingPoint--Vulnerability research stats, October 2014

Each week, the TippingPoint DVLabs team develops new attack filters to address vulnerabilities and incorporates these filters into Digital Vaccines. Every last Thursday of the month, we release a blog showing these advisory updates.

Labels: TippingPoint

Expand your security knowledge in Barcelona

discover large.jpgHP Discover kicks off the first week of December in Barcelona, Spain! HP Enterprise Security Products will be there—ready to give you the scoop on what you can do to beat the adversaries at their own game.

Security Analyst Skills Gap - Part 2

skills-gap-artwork-370x229.jpgWelcome to the second part of "The Security Analyst skills gap." 

Enterprise security: What’s new for the week of October 20 2014

entsec news_small.jpgWhat happened this week in HP Enterprise Security? Find out here: What's new in Security Intelligence & Zero-Day Coverage for HP TippingPoint for the week of October 20th. 

Labels: TippingPoint

Down, but not out for the count...Alina fights on

worm hacker.jpgOn October 5th, a Russian hacker going by the handle ‘w0rm’ claimed that he had compromised Subway’s servers and discovered Point-Of-Sale malware. Subway has not confirmed this breach; if this story is accurate, HP TippingPoint could have been essential in averting the exfiltration of data from infected systems.

 

Guest post by 

Mat Powell

Security Researcher, HP DVLabs

Labels: TippingPoint

HP TippingPoint customers protected from SSL 3.0 “POODLE” on day one

not today poodle.jpgThe SSL 3.0 POODLE vulnerability isn't so vicious if you're an HP TippingPoint customer. Here's how we're making every second matter... 

 

Guest post by 
Elisa Lippincott
Product Marketing Manager

Labels: TippingPoint

HP TippingPoint Next-Generation Firewall gets ICSA Certified

Seems that everywhere you look there is a new certification being pinned on a product, but how do you tell the meaningful certifications from those no more valuable than the bytes they take up on your browser?ICSA.gif

Webinar: HP and Paladion speak about security operations through ArcSight Logger

paladion webinar invite 2.GIFArcSight Logger 6.0 is the fastest search engine on the planet for machine data today. This universal log management solution collects, stores, and analyzes all of your Big Data for security event management.  Join us for a free webinar on how ArcSight Logger unifies your entire IT data through a unique technology called normalization and categorization, and then stores and analyzes years’ worth of data for multiple use cases.

 

 

It's National Cyber Security Awareness month--Here's a treat from HP Enterprise Security

trick or treat.jpgFor many of us in the U.S., October means the changing of the leaves, pumpkin-flavored lattes, and candy…lots and lots of candy. But October is also a big month for network security, as it’s Cyber Security Awareness Month.

Labels: TippingPoint

How to talk to your Board of Directors about Security

Have you spoken to your board about the security of your enterprise?Meg_Whitman_HP CEO

Meg Whitman offers some tips.

HP ArcSight partners with Guidance Software to identify the most critical threats

guidance.GIFHP ArcSight partners with Guidance Software to identify the most critical threats. The new bundled solution is designed for small to medum sized organizations that are both in entry-level mode for security and the ones that have plans to build sophisticated SOC. HP ArcSght Express is a high performance SIEM soluton that correlates securty events in real-time to detect threats. When you combine the best of both worlds such as auto-priorization of events and high performance SIEM, organizations get a simple and powerful automated solutons to combat cyber threats.

What is the cost of cyber crime? Looking past the headlines.

larry.pngDr. Larry Ponemon says the headlines don’t tell the whole story about cyber crime. The Ponemon Institute just completed their fifth annual study on the cost of cyber crime to businesses around the world. And some of the most useful results are among the less obvious. 

 

A guest post by

Dr. Larry Ponemon
Chairman and Founder of the Ponemon Institute

Labels: TippingPoint

Identify and monitor ShellShock vulnerability through HP ArcSight content pack

batch 4.GIFOur Professional Services team has done a huge amount of work to help in this vey quickly by building content pack that will help you identify ShellShock vulnerability and monitor the batch bug. We are very proud to make this available to our HP ArcSight community, quickly.

 

The content is primarily based on based on two rules:

 

  1. /All Rules/Public/Shellshock/Sysdig Shellshock Exploit Detected
  2. /All Rules/Public/Shellshock/Shellshock Bash Vulnerability Detected

 

The Sysdig Shellshock Exploit Detected rule looks for events from the Sysdig utility to identify devices as they are probed or attacked with the Shellshock exploit.

 

The Shellshock Bash Vulnerability Detected rule looks for events where one of the Shellshock vulnerabilities (CVE-2014-6271, CVE-2014-7169 or Nessus - 14272) is referenced.

 

The Shellshock dashboard gives an overview of the recent Shellshock events reported, as well as a listing of the assets that have been tagged with one of the Shellshock vulnerabilities.

 

 

 

HP Enterprise Security Products stifles Shellshock

shellshock.jpgWhen Heartbleed hit,  HP Enterprise Security Products reacted quickly. We’ve done the same with Shellshock, and with good reason. Shellshock can give a random, malicious Internet user a simple method of executing commands on vulnerable web servers. That’s not good, and one of the many reasons the National Institute of Standards and Technology (NIST) gave it a CVSS v2 Base Score rating of 10 out of 10 (for both Impact and Exploitability). For the sake of comparison, with all its bluster Heartbleed was still only a 5. So why is Shellshock so much worse and once it’s all said and done in serious contention to be the worst vulnerability of all time?  For more information about that and HP ESP's response, read the article.

Shellshock: HP Security handles the aftershocks

shellshock.jpgMembers of HP Security Research and the HP TippingPoint DVLabs team discuss the GNU Bash vulnerability “Shellshock” and how we were able to quickly protect customers.

Labels: TippingPoint

Don't be Shell Shocked! HP ArcSight appliance does not use CGI

 

Shellshock.jpgIf you are one of the 10,000 ArcSight customers, follow these steps to safeguard from Shell Shock vulnerability through HP ArcSight.

 

  1. Install and configure sysdig, an open source utility used to monitor and analyse system state activity
  2. Configure RHEL where ArcSight ESM is installed to prepare to push the ShellShock content
  3. Apply the sysdig flexconnector that will parse events from sysdig
  4. Install ShellShock content pack from ArcSight support
  5. ArcSight is ready to monitor logs for potential attacks and exploits

 

 

The Security Analyst Skills Gap - Part 1

securityAnalyst.pngThere are certain truths about Security Analysts:

  • Nearly every business is trying to hire them.
  • Any business who has one is trying desperately to keep them.
  • There are many job seekers lacking the ability to execute as a security analyst.
  • Many organizations have an incomplete understanding of what caliber of good guy they actually need.

Read on to learn how to grow your own security analysts and how to keep them!

HP AppDefender and HP WebInspect updates: GNU Bash vulnerability "Shellshock"

Many GNU Bash vulnerability attack vectors exist– some yet to be discovered and/or disclosed. HP Security continues to work diligently to provide product updates enhancing both protection and remediation. 

GNU Bash vulnerability "Shellshock" (CVE-2014-6271): HP TippingPoint update

hacked 2.jpgThere's a new bug out there, and it could pose a larger threat than "Heartbleed." Unless, of course, you're an HP TippingPoint customer! Read this blog for HP TippingPoint's response to CVE-2014-6271.

Labels: TippingPoint

HP ArcSight Logger for David and Goliath

logger shipment.JPG

 15 tons of ArcSight Logger was shipped to a large enterprise IT the same day a small healthcare company in India bought Logger to manage for just 25 users. HP ArcSight shipped its log management solution for both David and Goliath the same day.

 

We have been overwhelmed with the positive response we are getting for our brand new HP ArcSight Logger 6.0 that we released last week. You can read about the all-new Logger on this post, but just to summarize it is a universal log management solution that has the best performance to price in the market.

HP TippingPoint--Leading vulnerability research stats

Each week, the TippingPoint DVLabs team develops new attack filters to address vulnerabilities and incorporates these filters into Digital Vaccines. Here are the advisory numbers for 2006-present, in comparison to other organizations. 

Labels: TippingPoint

Interop NY is around the corner--TippingPoint will be there--will you?

interop.jpgInterop NY is right around the corner, and HP TippingPoint can’t wait! We’re having a launch celebration, and you’re invited—read this blog for more info.

 

A guest post by
Elisa Lippincott
HP Enterprise Security Products
Marketing Manager

Labels: TippingPoint
Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.