The days of locked down security are over. Today’s enterprise must be as fluid as the clients they serve, sharing information whenever, wherever and on whichever device they choose. This new fluidity requires a comprehensive approach to security to enable interaction while driving operational effectiveness and reducing business risk.
Getting to your secure enterprise is a journey and we have designed capabilities to help you get there.
Are you ready to begin the journey to your secure enterprise?
Why Vendor-driven Threat Intelligence is not Sufficient AnymoreOfer Shezaf, HP Enterprise Security ProductsWhile threat intelligence promises to help with the effective detection of advanced threats, it usually achieves the opposite: detecting the most predictable attackers. To be included as part of a vendor provided threat intelligence feed, an attacker must have tried attacking several potential victims before, and must have used the exact same method to be captured in the threat intelligence feed.
In this presentation we will see how to make threat intelligence valuable for detecting advanced targeted threats directly aimed at your organization. We will see how to create a threat intelligence feed close to the target, as a shared effort between departments, subsidiaries or organizations working closely together to ensure identification of targeted threats. In addition we will see how to extend the term intelligence into additional detection mechanisms such as behavioral patterns.Read more >
Web applications continue to represent a major source of risk to organizations. Not only is the number of web application growing but the associated risk is increasing as they are evolving from informational web-sites to interactive sites that capture customer data. The IT security teams are aware of the problem but all too often do not have then bandwidth to effectively assess these application or the budget to engage expensive penetration testers to do the work on their behalf. The problem is compounded as now it’s not only web-sites that need to be secured but Facebook and mobile applications too.
In this webinar, you will learn how Fortify on Demand, HP’s cloud based application security testing service, can provide a cost effective solution to all your application security testing requirements. With Fortify on Demand you can start testing within a day, scale rapidly to test all your applications, whether they are developed in-house or produced by third-parties, and importantly support the developers to fix any vulnerabilities that we find.
In today’s ever evolving threat landscape and with the increasing requirements by the business users for access to business information from various locations and from a multitude devices, the Information Security Professional is required to understand the threats and the mitigation techniques available to them. During this presentation we will explore the attackers motivation and understand their eco-system and then we will look at how users are being leveraged to gain access to our business information. Lastly we will look at ways we can mitigate the kill chain at various stages and provide better reporting to the business stake holders.
The rapid adoption of mobile devices has created significant security risks and challenges for IT organizations. In a recent study by HP of 120 mobile applications for a single enterprise customer found that 66% of applications contained vulnerabilities that could have led to the disclosure of personal data or the compromise of a back-end system.
In this webinar you will learn more about these vulnerabilities and how you can identify and remediate these risks.
Depuis de nombreuses années déjà, le système d’information est devenu un support indispensable à la stratégie et aux activités des Entreprises et des Organisations. L’essor du Big Data confirme l’évolution du SI avec l’accès à des données hétérogènes et en grand nombre. Malheureusement, l’apparition de nouvelles menaces, ainsi que la pression règlementaire démontrent le caractère indispensable de la gouvernance du SI et de la gestion opérationnelle de la sécurité et impliquent l’adoption d’une posture de sécurité dynamique.
Face à ces enjeux,les entreprises doivent non seulement trouver les meilleurs experts et savoir les garder, mais elles doivent aussi s’organiser avec des équipes et des processus adaptés à leurs exigences et enfin, elles doivent s’appuyer sur technologies éprouvées qui leur permettent d’anticiper et de détecter les menaces.
Dans ce contexte d’enjeux toujours plus important, les technologies de SIEM sont devenues essentielles. La technologie HP ArcSight, solution leader dans le marché du SIEM, a contribué à améliorer de manière significative la posture de sécurité de milliers de clients à travers le monde. Ces clients sont des acteurs de secteurs industriels de l’aéronautique et de la défense, l’énergie, les services, la finance, la santé, les hautes technologies, l’assurance, la distribution et les technologies de communications.
With the modern and emerging threat landscape, it is clear that adding more and more layers isn’t going to provide the answers that it once did. Using a joined-up approach, it is possible to start to build a true solution that helps manage the risks and threats, and to provide visibility that wasn’t previously possible. Addressing security at the network and application layers and proving a real-time view of the risks and threats as they happen, it’s now possible to start to address these new emerging threats.
Importantly though, by using this approach, it is possible to be prepared today and tomorrow to provide pro-active identification and resolution to the threats.
The business is demanding more apps and more channels for customer engagement. In turn you know this means more risk. The app development team is swamped just trying to keep up, and your security team is stuck in the middle, trying to secure what you already have - let alone all this new stuff. Sound familiar?
Join us for 45 minutes where you will learn:
- Why the developers are struggling to deliver secure applications
- Why the business doesn't seem to 'get' application security
- How you can start managing your application risk, today, for free
2013 Cost of Cyber Crime Study: UK, Germany & France
Join us for the 2013 results presentation of the second annual Cost of Cyber Crime study for the United Kingdom and Germany. For the first time, the research was conducted in France. Conducted by Ponemon Institute and sponsored by HP Enterprise Security, a total of 110 UK, German and French organizations participated. According to the findings, cyber attacks increased 16 percent in the UK and 21 percent in Germany. The costs associated with this increase in the UK and Germany were £904,886 and €830,169, respectively. For the first time, it was determined that the average cost of a cyber attack in France was €3.89 million. Findings from the report also show that each week UK and German organizations experienced on average 1.3 successful attacks per company. French organizations experienced an average of 1 cyber attack per company.
Evidence is mounting that current IT security models are simply no longer sufficient to support the hybrid enterprise. The extensive flow of enterprise information, well beyond the traditional purview of IT, necessitates an expansion of security scope to identify and control vulnerabilities. Lack of focus can be putting your information at risk.
This session reviews findings from the HP Enterprise Security Services Security Assessment Report. The report utilizes data and survey responses on customer security maturity assessments.
While organizations continue to battle cyber criminals, it seems that security professions are always fighting a losing war. However, a new weapon has been building up within the domain of most organizations, one that can help tip the balance in favor of the good guys. Find out how we can take the massive amounts of information we are generating and turn it to help bring valuable intelligence that can stop cyber-attacks from compromising your enterprise
The Enterprise Security Kill Chain concept describes the five steps of a security breach. This session will describe the steps that attackers use and suggestions that organisation can use to identify and mitigate these attempts and reduce risk.
About your speaker:
Rich Agar CISSP has been working in the IT industry since the late 1990’s. He has worked as a freelance consultant, at systems integrators and vendors with various customers across the UK and Europe. Rich holds a Master’s degree in Information Security from Royal Holloway, University of London, and is currently working as a Solutions Architect for Enterprise Security at Hewlett Packard.