HP cushions enterprises with new security analytics solutions

BENGALURU: IT company HP has unveiled new solutions centered on security analytics for organizations to shift from legacy security methods to a modern approach that focuses on protecting the interactions among users, applications and data to help protect enterprises’ most valuable assets.

"Breach detection is on top of mind for security buyers and the field of security technologies claiming to find breaches or detect advanced attacks is at an all-time noise level," said Eric Ahlm, Research Director at Gartner. "Security analytics platforms endeavor to bring situational awareness to security events by gathering and analyzing a broader set of data, such that the events that pose the greatest harm to an organization are found and prioritized with greater accuracy," added Ahlm.

The new HP DNS Malware Analytics (DMA) is designed to identify infected hosts by inspecting an enterprise’s DNS traffic. Developed in partnership with HP Labs, HP’s central research organization, and HP’s internal Cyber Defense Center, this clientless, algorithmic-driven service uncovers infected hosts without endpoint agents.

“Organizations today are faced with growing volumes of security data and without the ability to separate the signal from the noise they can fall victim to undetected malware attacks, which can have serious financial and operational impact,” said Jyoti Prakash, Country Director, India and SAARC countries, HP Enterprise Security Products. “The new HP DNS Malware Analytics solution effectively puts the data science necessary to derive malware detection from voluminous DNS server events into a simple, highly efficient package for customers large and small, and when combined with the powerful HP ArcSight SIEM platform, provides next-generation SIEM capabilities to better protect the enterprise,” added Prakash.

HP DMA identifies malware-infected hosts such as servers, desktops and mobile devices and uses an algorithmic engine to analyze the high volume of DNS records. This enables the detection of new, unknown malware while simultaneously reducing false positives by a factor of 20 over other malware detection systems.

The solution integrates with the HP ArcSight SIEM platform, enabling customers to harness the power of SIEM and leverage their HP ArcSight Enterprise Security Management (ESM) deployments to correlate with other contextual data, issue alerts and signal appropriate remediation.

HP also introduced HP Fortify scan analytics, a machine-learning technology that harnesses the power of an organization’s application security data to improve accuracy and efficiency of application security solutions. Processing an organization’s growing collection of historical application security scan results to reduce the number of issues that require an auditor’s review, the solution enables customers to focus resources on fewer, higher priority tasks. This analytics technology integrates seamlessly into existing application security testing workflows, which helps to increase both the efficiency of the application security audit process and the relevancy of findings.