HP Enterprise Security Products

As more applications have moved to the cloud, the industry has seen a proliferation of application security issues. In 2012, several cloud service providers were breached as a direct result of application security vulnerabilities. Before you choose a cloud service provider, make sure that it answers the series of security questions created by the Cloud Security Alliance (CSA). CSA has created a checklist of industry-accepted ways to document what security controls exist in IaaS, PaaS, and SaaS offerings – creating more transparency for enterprises. The speakers will walk attendees through this blueprint, helping them to become more adept at identifying service provider security readiness. They'll also discuss some of the most common application vulnerabilities, including unencrypted passwords, SQL Injection, and those that impact poorly architected mobile apps.

Your VP just resigned and took a position at your biggest competitor. Did you remember to examine the Salesforce logs to see if he downloaded your entire customer database and history of purchases? Do you even have access to those logs? And if you did, and found the obvious, how would it help now? Catching Bradley Manning who stole sensitive government information, Ross Klein who took with him an entire hotel brand concept and Gary Min that copied chemical formulas was too late for the US government, DuPont and Starwood hotels respectively.

In this presentation we look into how to proactively monitor user activity to detect potential threats from employees before the damage occurs. Focusing on how to effectively collect activity logs and analyze them against user, role and entitlement information, to detect abnormal activity, predict which employees may pose more threat if not loyal and to reduce the associated risk.

More and more security operations centers are transforming their operations from being reactive, to proactive and even predictive. Hear how big data technologies like Autonomy IDOL can be leveraged with traditional security monitoring tools for Social Network Monitoring and Data Loss Prevention (data in motion) to drive value and empower a “next generation SOC.”

Mobile devices are a hot trend amongst security topics this year. While most cover the angle of the device management, only few go into testing the applications. Since the mobile application vulnerability landscape is still young, there is a need to classify these vulnerabilities so that development teams can focus and root them out of their codebases. Join us as we explore the OWASP Mobile Top 10 classification system and metrics from a large case study of a real enterprise facing the deployment and assessment of a large number of mobile applications. Developers, Managers, and team leads will leave with resources and guidelines to start mobile security both at the process level and code level, including how to handle external mobile development teams they might contract. Get ahead of upcoming PCI compliance by addressing your mobile software early!

Compliance and security are better together and there are tools and resources that can be combined to achieve both. Learn the top 10 tips - such as continuous monitoring, assessing the controls, and cost-effective audit logs - to understand and implement best practices of compliance and security together.

Network security is not just about eliminating bad traffic, it is also about making sure applications and critical data are always available to the right audience at the right time. The right network security architecture can provide security for physical assets, but also extend protection for virtual and cloud computing infrastructures without impacting performance. In fact, unlike in the past, a network security product should never be considered a bottleneck due to deep packet inspection, but should actually be capable of improving bandwidth and performance.

About the Presenter:
Sanjay Raja, Director of Product Marketing for HP TippingPoint, is responsible for marketing of HP TippingPoint’s Network and Cloud Security solutions. He has over 12 years of experience in various Product Marketing, Product Management, and Alliances roles primarily in IT Security. He has been in the IT industry for the last 18 years with experience in Security, Networking, Servers and Storage and Network and Application Performance Testing. In addition he has authored several papers and presented at various industry events on security, compliance and testing. Prior to HP he has worked at Cabletron Systems, 3Com, Nexsi Systems, Spirent Communications, Top Layer Networks, Symantec and most recently Crossbeam Systems. Sanjay currently holds a B.S.EE and MBA from Worcester Polytechnic Institute.

While organizations continue to battle cyber criminals, it seems that security professions are always fighting a losing war. However, a new weapon has been building up within the domain of most organizations, one that can help tip the balance in favor of the good guys. Find out how we can take the massive amounts of information we are generating and turn it to help bring valuable intelligence that can stop cyber-attacks from compromising your enterprise.

Join us to explore the mobile application threat landscape and identify ways to prepare for reverse engineering and tampering attacks.

The mobile App Economy is growing explosively as businesses are seeking to embrace innovation to provide new products and services to consumers, partners, and employees. However, malicious hackers and criminal organizations are now targeting these applications with a growing number of sophisticated attacks. Security of mobile apps, rather than devices, has become the new focal point as well as a top level concern for all stakeholders.

In this webinar, mobile security experts, Jason Schmitt, Director of Product Management of HP Fortify and Vince Arneja, VP of Product Management of Arxan Technologies will explore the mobile application threat landscape to identify a wide range of threats from vulnerability based attacks to reverse engineering and tampering attacks. The presenters will also address how to achieve comprehensive mobile application security within the SDLC to manage risk and exposure for B2C, B2E and B2B applications and protect today’s App Economy from theft, fraud, malware invasion, and tampering. You will gain insights how to develop and launch vulnerability-free, self-defending, and tamper-proofed applications that can withstand the new attacks.

HP Fortify is the leader in Software Security Assurance with solutions that contain, remove, and prevent software vulnerabilities. Arxan Technologies is the leader in protecting the App Economy with application protection solutions that are deployed on over one hundred million devices by Fortune 500 and global financial services.

Don’t miss the results presentation of the 3rd Annual Cost of Cyber Crime Study, conducted by Ponemon Institute, sponsored by HP Enterprise Security. This research indicates that both the cost and frequency of cyber crime have continued to rise for the third straight year. According to this study of a benchmark sample of U.S. organizations, the occurrence of cyber attacks has more than doubled during this period, while the financial impact has increased by nearly 40 percent. This year’s study found that the average annualized cost of cybercrime incurred was $8.9 million. This represents a six percent increase over the average cost reported in 2011, and a 38 percent increase over 2010.

This webinar will focus on the UK and Germany results.
Attend this webinar and learn about how:

• Information theft and business disruption continue to represent the highest external costs.

• Recovery and detection remain the most costly internal activities associated with cyber crime.

• Deploying advanced security intelligence solutions can mitigate the impact of cyber attacks.

Register now!

Don’t miss the results presentation of the 3rd Annual Cost of Cyber Crime Study, conducted by Ponemon Institute, sponsored by HP Enterprise Security. This research indicates that both the cost and frequency of cyber crime have continued to rise for the third straight year. According to this study of a benchmark sample of U.S. organizations, the occurrence of cyber attacks has more than doubled during this period, while the financial impact has increased by nearly 40 percent. This year’s study found that the average annualized cost of cybercrime incurred was $8.9 million. This represents a six percent increase over the average cost reported in 2011, and a 38 percent increase over 2010.

Attend this webinar and learn about how:

•Information theft and business disruption continue to represent the highest external costs.
•Recovery and detection remain the most costly internal activities associated with cyber crime.
•Deploying advanced security intelligence solutions can mitigate the impact of cyber attacks.

Register now!