• No results found

Changing the Enterprise Security Landscape

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Changing the Enterprise Security Landscape"

Copied!
23
0
0

Loading.... (view fulltext now)

Download now ( 23 Page )

Full text

(1)

©2012 Hewlett-Packard Development Company, L.P.

The information contained herein is subject to change without notice

Changing the Enterprise

Security Landscape

Petr Hněvkovský

Presales Consultant, ArcSight EMEA

HP Enterprise Security Products

(2)

Topics

Current Industry Trends

Enterprise Security Vision

Solution Overview

Intelligent ESP Integrations & Real World Examples

2

(3)

Enterprises and Governments are experiencing

the most

AGGRESSIVE THREAT ENVIRONMENT

in the history of information.

(4)

CISO

CIO

CEO

SHAREHOLDERS

Security Awareness at Board Level

Client Security Leadership is under immense pressure

(5)

Disruptive Technology Trends

CLOUD

Public, Private, Adoption

BIG DATA

Content, Context, Unstructured

FORTRESS

Reactive Perimeter Security

Security 2.0

Proactive Risk

Management

OPEN & EXTENDED

Security of Information Capital

CONSUMERIZATION

(6)

Enterprise

Security Priorities

6

Manage

INFORMATION RISK

in the era of

mobile, cloud, social media

Protect against increasingly sophisticated

CYBER THREATS

Improve

REACTION TIME

to security incidents

Reduce costs and

SPEND WISELY

Achieve

COMPLIANCE

in a predictable and

(7)
(8)

8

HP

has the

only security intelligence platform

that gives clients the insight to

proactively manage

(9)

9

Security Services

Operations Applications

HP Security Intelligence Platform

Establish

complete

Visibility

across all applications and systems

Analyze vulnerabilities

in applications and operations to understand risk

Respond adaptively

to

build defenses against the exploitation of vulnerabilities

Measure security effectiveness

and risk

across people, process, and technology to improve over

time Information

(10)
(11)

#3 Security Intelligence

#2 Provide Context

#1 See Everything

HP ESP: a new security intelligence model

Security

Operations

Information

Applications

Operational Security Information Security Application Security

IT Management

#4 Risk Management

(12)

1,400 security professionals from HP ArcSight, Fortify and TippingPoint teams

Top five security company by market share (leader in SIEM, Log Mgt, AppSec, Network Security)

HP Enterprise Security

=HP

The Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from HP.

HP has the potential to become a security powerhouse with a broad portfolio of security offerings — application, network security and security information and event management (SIEM) — that HP is currently integrating both organizationally and technologically. (Gartner Magic Quadrant for Dynamic Security Testing , Dec 2011)

(13)

HP Fortify Software Security Center

Identifies and eliminates risk in existing applications and prevents the introduction

of risk during application development, in-house or from vendors.

Protects business critical applications from advanced cyber attacks by removing security vulnerabilities from software

Accelerates time-to-value for achieving secure applications

Increases development productivity by enabling security to be built into software, rather than added on after it is deployed

Delivers risk intelligence from application development to improve operational security

In-house

Outsourced

Commercial Open source

(14)

HP TippingPoint Network Defense System

Scalable Infrastructure

to address

current and future security deployment

models (NG IPS/FW)

Dynamic Analytics

and policy

deployment with real time (NG Mgmt

)

Predictive Intelligence

to proactively

address current and future threat activity

(DV Labs)

Next Gen IPS

Next Gen Firewall

DVLabs

Research

Next Gen Mgmt

Net

wrk

A complete set of security solutions that address today's advanced security

threats at the perimeter and core of your business.

Network Defense

System

Applications Operations

(15)

HP TippingPoint has Microsoft coverage a month before other vendors

Number of days after patch that vendor delivers coverage

146/163

Covered

117/163

Covered

-26

Days

Day

0

59/163

Covered

+1

Day

39/163

Covered

144/163

Covered

+2

Days

131/163

Covered

+3

Days

P A T C H A V A I L A B L E

(16)

HP ArcSight Solution Architecture

Establish

complete visibility

Analyze

events in real time to deliver insight

Respond

quickly to prevent loss

Measure

security effectiveness across

people, process, and technology to improve

over time

Event Correlation Log Management App Monitoring Controls Monitoring User Monitoring Fraud Monitoring Data Capture

A comprehensive platform for monitoring modern threats and risks, augmented by

services expertise and the most advanced security user community, Protect724

(17)

MODERN BREACHES SHARE A PATTERN

Acquire target, sneak in, hop around

(Perimeter doesn’t help)

Get privileged access to critical assets

(Impact takes time)

Conduct the crime for an extended time

(18)

HP ArcSight Does Three Things Better Than Anyone

• Collect events from any device on the network • Raw, or categorized for better analysis

• Extend to new data types whenever needed, without HP ArcSight involvement

Enterprise Data Collection

Today’s choices will not limit tomorrow’s strategy

Collect Consolidate Correlate

(19)

HP ArcSight Does Three Things Better Than Anyone

• Complete management of any data to support security, compliance and IT operations • Search + report on years’ of data to investigate outages and incidents quickly and

easily

• Cut SAN/storage cost with cheap simple management of petabytes of log data

Universal Log Management

Deploy one solution to manage enterprise-wide log data

(20)

HP ArcSight Does Three Things Better Than Anyone

ThreatDetector – Pattern recognition and anomaly detection to identify new threats • Analyze roles, identities, histories and trends to detect business risk violations • The more you collect, the smarter it gets

Cutting-edge Threat Analysis

Detect and then prevent attacks you can’t predict

(21)

Intelligent ESP Integrations & Real

World Examples

(22)

2

2

Holistic, business-centric view of IT risk

Decision intelligence for maximum efficiency

HP EnterpriseView

(23)

References

Download now ( PDF - 23 Page - 2.82 MB )

Related documents

DRAFT APPLICATION FORMAT FOR ELECTRICITY CONNECTION

The  rates  of  the  Electricity  Charges  payable  to  RSO  by  the  Applicant  for  the  Electricity  Services  will  be  be  based  on  the  reasonable  costs 

Projective and telescopic projective integration for the nonlinear BGK and Boltzmann equations

Projective integration allows a stable yet explicit integration of such problems by first taking a few small (inner) steps using a step size δt with a simple, explicit method, until

SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)

E-SPIN Professional book on Security Management will focuses on Security Information and Event Management (SIEM), Compliance Management, PCI Data Security

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Forrester Research Network Security SIEM Endpoint Security Web Application Firewall Email Security Authentication & User Security.. Database

Security Operation Centre 5th generation

• HP Security Research Teams: DV Labs, ArcSight, Fortify, HPLabs, Application Security Center and Enterprise Security Services.. • Collect network and security data from around

Solutions Brochure. Security that. Security Connected for Financial Services

Connecting the broad McAfee portfolio of network, endpoint, and content controls, McAfee Enterprise Security Manager, our security and information event management platform,

The Evolution of Application Monitoring

• Security Information and Event Management • Log Management • Application Security • Network Security • Data Protection • Threat Research • Security Services. One Team,

Gerenciamento dos riscos ocupacionais da enfermagem na atenção básica: estudo exploratório descritivo / Management of occupational risks of nursing in primary health care: a descriptive exploratory study

In order to respond to the research object, the following objectives were formulated: Identify the types of occupational hazards to which the nursing professionals are exposed