HP today announced new and enhanced solutions that help organizations disrupt the life cycle of a cyber-attack and improve the overall effectiveness of security operation teams through accelerated big data analytics and real-time, application-level threat detection.
The cyber threat landscape is evolving faster than security teams can manage, causing many organizations to dramatically increase headcount and training programs. At the same time, the volume, velocity and variety of data is making it increasingly difficult to analyze and understand where security risks exist within an organization. Limited resources and failing signature-based solutions are also limit security staffs’ ability to mount an effective defense.
HP delivers advanced, data-driven security technologies designed to empower security operations teams to run more efficiently. This enables staff to focus on deriving meaningful security intelligence from big data and spend less time on system management, product deployment, risk assessment and manual vulnerability searching. New HP ArcSight solutions identify and prioritize threats faster, combine security intelligence with business intelligence, and close potential blind spots at the application layer, giving customers greater control over their security environments.
“The exploding volume of data that organizations today must manage presents new security challenges as they try to predict, locate and disrupt cyberthreats,” said Ranndeep Singh Chonker, Country Manager, HP Enterprise Security Products, India. “The newly expanded HP ArcSight portfolio delivers solutions that help security teams and SOCs prioritize risk, automate application-level threat detection and streamline security management to reduce exposure and increase effectiveness of protecting valuable data from internal and external theft.”
Enhanced visibility to eliminate blind spots, find efficiencies
While security spending continues to focus on the perimeter, 84% of business security breaches originate at the application layer and mobile vulnerabilities have grown by 68%. The new HP ArcSight Application View solution closes this gap by integrating the HP ArcSight Security Information and Event Management (SIEM) platforms—HP ArcSight ESM and HP ArcSight Express—with HP Fortify Runtime to automatically detect and log application security events.
This gives security operations teams first-of-its-kind visibility into the application layer, helping to block attacks on applications in real-time and preventing data loss, identity theft and IP loss from occurring.
To help organizations effectively defend against today’s targeted threats and manage the increasing volume of security-related data, HP has introduced HP ArcSight Risk Insight. Incorporating key elements originally implemented in the HP ArcSight EnterpriseView product,
HP ArcSight Risk Insight is delivered as an add-on to HP ArcSight ESM.
The new solution helps security operations teams identify advanced attack targets, analyze current security technology deployments and weigh emerging risk to determine where to focus mitigation efforts.
HP ArcSight Risk Insight aggregates the threats identified in HP ArcSight ESM into clear Key Risk Indicators (KRIs) juxtaposed with a hierarchical, business-oriented view of the infrastructure. It is designed to marry security intelligence with business risk and provide senior-level management teams with prioritized, strategic insight to security data with actionable intelligence to address risk.
Streamlined security operations management for better productivity
Security operations teams are challenged by achieving balance between operational efficiency and conducting security intelligence research, especially as the scope and complexity of their SIEM and logging deployments grow. The HP ArcSight Management Center is an enterprise-grade, centralized security management hub that enables HP ArcSight customers to effectively and efficiently manage large deployments of HP ArcSight Logger, HP ArcSight SmartConnectors and HP ArcSight Connector Appliance from a single console.
The HP ArcSight Management Center helps streamline centralized configuration management and compliance, while reducing the time it takes to alter the system or implement a policy change. This allows security operations teams to more efficiently allocate scarce resources, and focus on managing threats rather than disjointed tools and products.
Intelligence-driven threat detection through security and broader operations data
Security operations are rapidly evolving to become highly proactive programs that head off and prevent or contain security threats before they occur. These advanced use cases require accurate modeling and binding of large disparate, data sets spanning both human and machine information to be effective. HP Software utilizes the HP Haven platform for connecting the dots between the various big data sets to address this specific need.
The HP Haven platform consists of Hadoop for raw data storage and batch mode analysis, HP Autonomy for human generated information processing, the HP Vertica Analytics Platform for broader big data analytics, and HP ArcSight ESM for real-time security monitoring and analytics, with applications running over the platform.
A key component of the HP Haven platform is the set of data engines it offers and connects together in a logical and effective manner, together with more than 700 connectors to a wide array of data sources. Data collection, storage, monitoring and analysis are now possible under a single umbrella from HP Software.
The openness and flexibility of the HP Haven platform enables security operations teams to use the updated HP ArcSight Enterprise Security Manager (ESM) v6.5c to analyze security events in a broader context when used in conjunction with Hadoop, HP Autonomy or HP Vertica Analytics Platform data stores.
It allows customers to benefit from an accurate prioritization of risks and anomalies as well as advanced insider threat patterns. The HP ArcSight ESM solution operates in real-time, sifting through millions of log records, correlating the data at a rate of two million events per second to find the critical events.
HP ArcSight ESM v6.5c incorporates the latest iteration of the highly optimized back-end storage engine that allows faster querying to enable real-time alerts during complex searches, accelerates algorithm performance for correlation event processing and significantly improves data storage efficiency.
Pricing and availability
·HP ArcSight Application View is available immediately worldwide. A 30-day free trial offer is available, with pricing starting at $2,000 per application following the conclusion of the trial period.
·HP ArcSight Risk Insight is expected to be available this fall.
·The HP ArcSight Management Center is expected to be available in October. A free trial version will be available for evaluation of full capabilities.
·HP ArcSight Enterprise Security Manager (ESM) v6.5c is available as hardware or software, providing flexible deployment options for any environment and is expected to be available in October.