hpe security overview
TRANSCRIPT
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 1/54
HPE SecurityPortfolio Overview
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 2/54
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 3/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
Attack Life Cycle
Research Potential TargetsResearch
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen Data
Exfiltration/DamageExfiltrate/Destroy Stolen Data
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 4/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen Data
Exfiltration/DamageExfiltrate/Destroy Stolen Data
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 5/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Obtain datCaptur
Note: Industry Leading Security Research and Threa
Source:
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 6/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Obtain datCaptur
Note: Automated Intelligence Sharing via Threat Cen
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 7/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
RASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 8/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
RASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Note:
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 9/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
RASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Note: Industry Leading Software Security Assurance Portfolio
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 10/54
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 11/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
RASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP Fortify
InfiltrationPhishing Attack and Malware
SIEMLoggeUBA:IT GRDMA
.
DH
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Obtain datCaptur
Note: Industry Leading Security Analytics and Correlation Portfolio
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 12/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
NGIPS: Next Generation IPSNGFW: Next Generation FirewallATA: Advanced Threat ApplianceRASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
SIEMLoggeUBA:IT GRDMA
DH
Note: Industry Leading Security Analytics and Correlation Portfolio
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 13/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
NGIPS: Next Generation IPSNGFW: Next Generation FirewallATA: Advanced Threat ApplianceRASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Note: Find Insider Threats and APTs with User Behavior Analytics
SIEMLoggeUBA:IT GRDMA
DH
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 14/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
NGIPS: Next Generation IPSNGFW: Next Generation FirewallATA: Advanced Threat ApplianceRASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
SIEMLoggeUBA:IT GRDMA
DH
Note: Find Insider Threats and APTs with DNS Malware Analytics
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 15/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
NGIPS: Next Generation IPSNGFW: Next Generation FirewallATA: Advanced Threat ApplianceRASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
SIEMLoggeUBA:IT GRDMA
DH
Note: Runtime Application Self Protection – and Monitoring
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 16/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
NGIPS: Next Generation IPSNGFW: Next Generation FirewallATA: Advanced Threat ApplianceRASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
SIEMLoggeUBA:IT GRDMA
DH
Note: Actionable Risk Intelligence with the ESM module: Risk Insight
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 17/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
RASP: Runtime Application Self Protection
DAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
SIEMLoggeUBA:IT GRDMA
DH
Note: End-To-End Data Protection with HP Voltage
934-753-2356
ESKM: Enterpr. SNSP: Network SDLP: Data LossFPE, Tokenization: Secure Email
Protect DatHP Atalla, H
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 18/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
NGIPS: Next Generation IPS
NGFW: Next Generation FirewallATA: Advanced Threat ApplianceRASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Note: Protection Data at every stage of its lifecycle with Atalla IPC
SIEMLoggeUBA:IT GRDMA
DH
ESKM: Enterpr. SNSP: Network SDLP: Data LossFPE, Tokenization: Secure Email
Protect DatHP Atalla, H
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 19/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
MonetizationData Sold on Black Market
HPSR: HP Security ResearchDVLabs: Digital Vaccine LabsZDI: Zero Day InitiativeThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
NGIPS: Next Generation IPS
NGFW: Next Generation FirewallATA: Advanced Threat ApplianceRASP: Runtime Application Self ProtectionDAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
.
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
Note: Industry Leading Data Protection Portfolio
SIEMLoggeUBA:IT GRDMA
DH
ESKM: Enterpr. SNSP: Network SDLP: Data LossFPE, Tokenization: Secure Email
Protect DatHP Atalla, H
Obtain datCaptur
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 20/54
© Copyright 2015 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice.
Action
HP Breach Response Services
MonetizationData Sold on Black Market
HPSR: HP Security ResearchThreat Central
Attack Life Cycle
Threat IntelligenceHP Security Research
Research Potential TargetsResearch
RASP: Runtime Application Self Protection
DAST: Dynamic Application Security TestingSAST: Static Application Security Testing
Block Adversary• HP Fortify
InfiltrationPhishing Attack and Malware
.
ESKM: Enterpr. SNSP: Network SFPE, Tokenization: Secure Email
Protect DatHP Atalla, H
Obtain datCaptur
Exfiltrate/Destroy Stolen DataExfiltration/DamageExfiltrate/Destroy Stolen Data
SIEMLoggeUBA:IT GRDMA
DH
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 21/54
HPE ArcSightSecurity Information & Event Management
HPEE ArcSight
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 22/54
Act with Instant Clarity against threats that matter
HPEE ArcSight
Transform Big Datainto actionablesecurity intelligence
Automatecompliance obox
AnalyzeCollect Automa
Real-time correlation ofdata across devices tofind threats
How do we do it?
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 23/54
How do we do it?
?
Collect Collect logs from any device, any source, aat high speed
Enrich Machine data is unified into a single formanormalization and categorization
Search Simple text-based search tool for logs and e
the need of domain expertsStore Archive years’ worth of unified machine data
compression ratios
Correlate Automate the analysis, reporting, and alertidata for IT security, IT operations, and IT G
Approach Benefit
HPE ArcSight: Market Leading S olution
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 24/54
Analyst RecognitiCompany Background
HPE ArcSight: Market Leading S olution
• Founded May 2000
• 3000+ customers (~50 MSSP’s)• Offices worldwide (170+ countries)
• Acquired by HPE, Oct 2010
#1 In-usand Log
#1 in MaLast thre
SIEM Le10 years i
Industry Recognition
HPE Architecture Overview
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 25/54
HPE Architecture Overview
Logger Tier
ArcSight Connector
ArcSight Logger HA – If Needed
ArcSight Express/ESMReal time Correlation Tier
For aggregation and noise filtering
Admin
Collection Tier
Admin
HPE ArcSight: A Leader in SIEM (2011-2015 Gartner Quadrant)
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 26/54
g ( Q )
2014
Indonesia Customer Refference
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 27/54
Financial Industries / BankingTelco IndustriesGovernment
Private Company
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 28/54
Forensic Analysis
Are we compromised?
Are we compromised?
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 29/54
Firewall log analysis – Sorted Count of Denials-spanning-two-minutes
p
HPE ArcSight Correlation
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 30/54
gEnabling Complete Visibility
COLLECT CONSOLIDATE
• Sophisticated correlation technologies
• Pattern recognition and anomaly detection to identifymodern known and unknown threats
• The more you collect, the smarter it gets
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 31/54
ArcSight ESM Features
SIEM
Detection Analysis Al
!!
Out of the Box Content for Common Use Cases
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 32/54
Understand Network Usage• Top Bandwidth Users• Top Protocols• Top Domains and Zones
Prevent Viruses• Top Infected Systems• All AV Errors• AV Signature Update Stats
Protect Your Data• Database Errors and Warnings• Database Successful and Failed Logins• Database Configuration Changes
Prevent Intrusions• Top Attackers and Internal Targets• IPS / IDS Alert Metrics• Intrusion Alert Counts• Top Alert Sources and Destinations• Top Attackers and Internal TargetsControl User Access• User Authentication Across Hosts• Authentication Success and Failures•
User Administration Configuration Changes
Control Network Devices• Network Device Errors and Critical Events• Network Device Status and “Down” Notifications• Configuration Changes by User and Chang• Successful and Failed Logins
Monitor VPN / Remote Access• VPN Authentication Errors• Connection Counts• Connection Durations• Connections Accepted
and Denied
Monitor Privileged Users• Privileged User Administration• Successful and Failed Logins• User Session Monitoring
Guard the Perimeter• Firewall Monitoring• Denied Inbound Connections• Denied Outbound Connections• Successful / Failed Login Activity
• Top External Destinations• Top External Sources
• Success• Top Con• Top Ban• VPN Co
• Consoli•
AV Con
Correlated Rule Name Description
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 33/54
p
Failed Login to a default account This rule detects a failed login attempt to a servers default out of the box account (such as admin,cisco)
Successful Login to a default account This rule detects a successful login attempt to a servers default out of the box account (such asadmin, cisco)
Failed Logins of Single User toMultiple Destinations
This rule detects suspicious user behaviour where a single user account has attempted to login tomultiple servers unsuccessfully
Brute Force Login Attempt Tracks multiple failed logins to the same user account on the same server. When the threshold isreached it will trigger the rule
Multiple Failed Logins followed by aSuccess Tracks multiple failed logins to the same user account on the same server.
Port Scan DetectedThis Rule is triggered when ESM detects Multiple Reconnaissance Connections where the Target
Address is the same but the Target Port and Attacker Addresses are unique.
High Number of IDS Alerts for DOSThis rule will fire when multiple IDS Alerts are seen which have been classified as Denial ofService Attacks
IDS High DOS This rule will trigger when an IDS Event classified as DOS with a High Priority is seen. IDS/
SYN Flood Detected by IDS orFirewall This rule looks for SYN flood alerts from Intrusion Detection Systems (IDS) or firewalls. ID
IDS High Inappropriate UsageThis rule will trigger when an IDS Event c lassified as 'Inappropriate Usage' with a High Priority isseen.
IDS Medium Inappropriate UsageThis rule will trigger when multiple IDS Events classified as 'Inappropriate Usage' with a MediumPriority are seen.
IDS Medium Malicious CodeThis rule will trigger when multiple IDS Events classified as 'Malicious Code' with a MediumPriority are seen.
Real-Time Alerting and Notifications
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 34/54
• Alerting• Proactive threat, risk, and compliance alerting
• Escalation• Priority based escalation and workflow
• Notifications• Email, SMS, pager, SNMP
• Customizable templates
g
A l d I ti t
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 35/54
Analyze and Investigate
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 36/54
HPE FortifyStatic & Dynamic Application Testing
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 37/54
On-Premise and On-Demand
HP Fortify – Software Security Testing
Static Analysis – Fortify SCA
Source CodeMgt. System
Static Analysis ViaBuild Integration
Dynamic Analysis – WebInspect
Dynamic Testingin QA or
Production
Application ProtectionHP Application Defender
Real-time Protection ofRunning Application
Vulnerability Management
Normalization(Scoring, Guidance)
Correlation(Static, Dynamic, Runtime)
Threat Intelligence RulesManagement
VulnerabilityDatabase
Remediation
IDE Plug-ins(Eclipse, VisualStudio, etc.)
Developers(onshore or
offshore)
Correlate TargetVulnerabilities
with CommonGuidance andScoring
Defects, Metricsand KPIs Used to
Measure Risk
Applicati
Lifecyc
DevelopmeProject an
ManagemeStakeholde
Software Security Center Fortify on Demand
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 38/54
Static analysis – find and fix security issues in your code during developmenHP Fortify Static Code Analyzer (SCA)
Features:
• Automate static application security testing to identifysecurity vulnerabilities in application source codeduring development
• Pinpoint the root cause of vulnerabilities with line ofcode details and remediation guidance
• Prioritize all application vulnerabilities by severity andimportance
• Supports 22 languages, 832,000+ APIs and 688vulnerability categories
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 39/54
Broadest Technology Support
Static analysis supports 22 languages and
growing
• ABAP• C#• Classic ASP• Cold Fusion• HTML• JavaScript/AJAX• Objective C• PL/SQL• T-SQL• VB6• XML
API Support
• More than 832,000 commonly used Aunderstood and supported by SCA
• ASP .NET• C/C++• COBOL• Flex• Java• JSP• PHP• Python• VB.NET• VBScript• Ruby
Mobile application security solution co• Objective C
• Android• Blackberry• Microsoft
Vulnerabilities• Detects over 689 unique categories o
vulnerabilities
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 40/54
DeveloperSource Code Repository
Build/Scan Server
SSC Server
SCA
Auditor
Sample Work FlowCheck-in new code
Scheduled Check-out,build and scan
Scan Results uploadedAuditor ReviewsResults
AuditoSecuriBug T
Developerbug and writ
HP W bI
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 41/54
Dynamic analysis – find critical security issues in running applicationsHP WebInspect
Features:
• Quickly identify risk in existing applications
• Automate dynamic application security testingof any technology, from development throughproduction
• Validate vulnerabilities in running applications,prioritizing the most critical issues for root-cause analysis
• Streamline the process of remediatingvulnerabilities
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 42/54
© 2011 Hewlett-PackarThe information contained herein is subj
Dynamic Application Security TestingQuickly find and validate exploitable vulnerabilities
<script>alert(“attack”)</script>
“<script>alert(“attack”)</script>
‘<script>alert(“attack”)</script>
<img src =“ javascript : alert(“attack”)”/>
/><body onload =“alert(‘attack’)”/>
NO
NO
NO
NO
NO
> (greater than)
“ (double quote)
%3e (encoded >)
%3Cscript%3Ealert(“attack”)%3C/script%3E
NO
INTERESTING
EVEN BETTER
ATTACK!
Live Scan Visualization
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 43/54
Live Scan VisualizationStart remediation of vulnerabilities immediately Live Scan
Dashboard
Site tree
Vulnerabilitiesfound in application
Excluded and Allowed Hosts
Section
Detailed AtTable
On Demand – Fortify on Demand
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 44/54
On Demand Fortify on Demand
Quickest Time toResults Centralized Por
Global DataCenters
Managed SecurityServices
HP Fortifyo n D e m a n d
A Si ht ESM ith A li ti Vi
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 45/54
OS, databases, storage
Servers, IAM, networking
IPS, routers, switches, firewalls,DLP
Applications IT SO
HP Application ViewKnow your apps. Know your users. Know your da
• Retro-fits applications with security event logs• No change to application required• Out-of-box ready for ArcSight ESM
ArcSight ESM with Application View
HP Fortify key advantages
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 46/54
Only app sec providerto cover SAST, DAST,
IAST and RASP
Comprehensive
Over a decade ofsuccessful deployments
backed by the largestsecurity research team
Proven
Available on prand on dem
Flexib
HP Fortify key advantages
Application Security Market
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 47/54
Application Security Market
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 48/54
HPE SecureMail
The HP Security Voltage Unique Advantage
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 49/54
HP Identity-based Encryption (IBE) and Stateless Architecture
• 60-80% lower cost of operations, 75% less infrastructure
• Simple user experience across desktop, Web, and mobile
• Seamlessly integrates with email and enterprise ecosystem
HP Identity-based Encryption (IBE): How it Works
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 50/54
HP Identity based Encryption (IBE): How it Works
HP SecureMailKey Server
BobAlice
Bob’s Private Key
2
3
Alice Sends Email to Bob
One Solution for Desktop, Web, and Mobile
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 51/54
p, ,
DMZ InternetCorporate Network
HP SecureMail Appliance
DLP / AVAS / MTA
HPSecureMailKey Server
Archive
HP SecureMailApplications
(REST API)
Mail Server &Mobile Server
Native Apps
Native Apps
SMTP /HTTPS
HP SecureMail
Encryption Client
HP S ecureMail
Encryption Client
HP SecureMail
Encryption Client
External Encryption
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 52/54
yp
DMZ InteCorporate Network
MailServer
HP SecureMailFront-EndServices
HPSecureMailEncryptionGateway
Any Devic Any Emai
ClientNative orBrowser
Same solution forinternal and external
DLP / AV / AS / MTA
Internal Encryption
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 53/54
yp
Mail Server
HPSecureMailKey Server
HardwareSecurity Module
ActiveDirectory
Corporate Network
HP SecureMailManagement
Console
Same solution forinternal and external
8/18/2019 HPE Security Overview
http://slidepdf.com/reader/full/hpe-security-overview 54/54
Thank you