HP Delivers Actionable Security Intelligence to Reduce Business Risk

Tue Feb 26, 2013 10:07am EST

* Reuters is not responsible for the content in this press release.

  SAN FRANCISCO, CA, Feb 26 (Marketwire) -- 
HP (NYSE: HPQ) today announced the formation of the HP Security Research
(HPSR) organization, a new group that will provide actionable security
intelligence through published reports, threat briefings and enhancements
to the HP security product portfolio.

    The company also released findings from its annual HP Cyber Security Risk
Report, providing insight into the vulnerability landscape with a range
of data covering technologies such as web and mobile. 

    As part of the HP Enterprise Security Products (ESP) business unit, HPSR
will lead HP's security research agenda, leveraging existing HP research
groups, including HP DVLabs, a research organization focused on
vulnerability discovery and analysis, and HP Fortify Software Security
Research, which is focused on developing software security practices.
HPSR also will manage the Zero Day Initiative (ZDI), which focuses on
identifying software flaws that have led to cyberattacks and security
breaches.

    Driving security intelligence research into product offerings
 A core
focus of HPSR is to provide research that directly influences the
development of the HP ESP portfolio. As such, HP has enhanced its HP
Reputation Security Monitor (RepSM) 1.5, which protects clients against
advanced threats by leveraging data feeds directly from HPSR. These data
feeds enhance the identification of peer-to-peer network use and improve
detection of potential spear phishing and spam floods, while also
recognizing patterns over time, such as reconnaissance scans and abnormal
activity levels. 

    The new HP RepSM enables clients to defend against sophisticated attacks
by detecting dangerous interactions with ill-reputed sites to prevent a
breach. After a breach occurs, the solution identifies the infected
assets, communicating with ill-reputed command and control centers,
before intellectual property is leaked.

    For midmarket organizations with large volumes of data and limited
resources, HP ArcSight Express 4.0 combines security information and
event management (SIEM), log management, and user activity monitoring in
an out-of-the-box solution, including connectors to HP ArcSight
IdentityView and HP RepSM. The solution simplifies the collection,
analysis and management of security events quickly and cost-effectively. 

    Clients can be up and running in minutes, quickly gaining insight into
potential security threats by pulling information from hundreds of data
sources. The solution also monitors user and application activity for
security anomalies, such as suspicious behavior. 

    HP research identifies security risks, helps organizations assess
security posture
 HP today released the HP 2012 Cyber Security Risk
Report. The annual report provides security intelligence to organizations
so that they can best deploy their resources to minimize security risk.

    Highlights from the report include:


--  Total vulnerabilities are on the rise
    --  Disclosures grew 19 percent from 6,844 in 2011 to 8,137 in 2012
    --  2012 disclosures remain 19 percent lower than the peak in 2006
--  Critical vulnerabilities declined, but still pose significant risk
    --  Critical vulnerabilities fell from 23 percent in 2011 to 20
        percent in 2012
    --  One in five vulnerabilities still give attackers total control of
        their target
--  Well-known web vulnerabilities remain prevalent in 2012
    --  Four web vulnerability categories made up 40 percent of 2012
        reports
--  Vulnerabilities exploited by clickjacking are still ubiquitous
    --  Less than 1 percent of URLs tested leverage standard mitigation
        after more than a decade
--  The rate of mobile vulnerabilities continues to increase rapidly
    --  Mobile vulnerabilities rose 68 percent from 158 in 2011 to 266 in
        2012
    --  48 percent of mobile applications tested in 2012 gave unauthorized
        access
--  Mature technologies introduce continued and evolving risk
    --  Vulnerabilities in SCADA systems rose 768 percent from only 22 in
        2008 to 191 in 2012

    

In addition to the annual risk report, HPSR will publish reports
that provide the most current security intelligence available, ensuring
organizations understand and proactively respond to potential security
threats. HPSR will deliver this research through biweekly threat
briefings, as well as free summary briefings available to the public on
HP's website and iTunes. Premium vertical- and client-specific briefings
will be available to paid subscribers.

    "Organizations need the latest in security research to effectively
prevent, detect and combat the growing number of sophisticated threats,"
said Art Gilliland, senior vice president and general manager, Enterprise
Security Products, HP. "HP empowers clients to address the most advanced
threats by combining access to a global network of security experts and
published research with the power of that expertise built directly into
our products and services."

    Pricing and availability
 HP RepSM 1.5 will be available worldwide on
March 31. HP ArcSight Express 4.0 will also come with a free trial
version of HP RepSM.

    HP's premier Americas client event, HP Discover, takes place June 11-13
in Las Vegas.

    About HP
 HP creates new possibilities for technology to have a
meaningful impact on people, businesses, governments and society. The
world's largest technology company, HP brings together a portfolio that
spans printing, personal computing, software, services and IT
infrastructure to solve customer problems. More information about HP is
available at http://www.hp.com.

    This news release contains forward-looking statements that involve risks,
uncertainties and assumptions. If such risks or uncertainties materialize
or such assumptions prove incorrect, the results of HP and its
consolidated subsidiaries could differ materially from those expressed or
implied by such forward-looking statements and assumptions. All
statements other than statements of historical fact are statements that
could be deemed forward-looking statements, including but not limited to
statements of the plans, strategies and objectives of management for
future operations; any statements concerning expected development,
performance, market share or competitive performance relating to products
and services; any statements regarding anticipated operational and
financial results; any statements of expectation or belief; and any
statements of assumptions underlying any of the foregoing. Risks,
uncertainties and assumptions include macroeconomic and geopolitical
trends and events; the competitive pressures faced by HP's businesses;
the development and transition of new products and services and the
enhancement of existing products and services to meet customer needs and
respond to emerging technological trends; the execution and performance
of contracts by HP and its customers, suppliers and partners; the
protection of HP's intellectual property assets, including intellectual
property licensed from third parties; integration and other risks
associated with business combination and investment transactions; the
hiring and retention of key employees; assumptions related to pension and
other post-retirement costs and retirement programs; the execution,
timing and results of restructuring plans, including estimates and
assumptions related to the cost and the anticipated benefits of
implementing those plans; the resolution of pending investigations,
claims and disputes; and other risks that are described in HP's filings
with the Securities and Exchange Commission, including HP's Annual Report
on Form 10-K for the fiscal year ended October 31, 2012. HP assumes no
obligation and does not intend to update these forward-looking statements.

    Copyright 2013 Hewlett-Packard Development Company, L.P. The information
contained herein is subject to change without notice. The only warranties
for HP products and services are set forth in the express warranty
statements accompanying such products and services. Nothing herein should
be construed as constituting an additional warranty. HP shall not be
liable for technical or editorial errors or omissions contained herein.

    

Editorial contact

Michelle Doss
HP
+1 214 263 7497
michelle.doss@hp.com

www.hp.com/go/newsroom 

Copyright 2013, Marketwire, All rights reserved.

-0-