© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Enterprise Security Products How to Protect your Data with HP Enterprise Security
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Enterprise Security Products How to Protect your Data with HP Enterprise Security
Nature and motivation of attacks(Fame to fortune, market adversary)
1
Transformation of enterprise IT(Delivery and consumption changes)
2
Regulatory pressures(Increasing cost and complexity)
3
Challenges you are facing
Research
InfiltrationDiscovery
CaptureExfiltration0
Consumption
Traditional DC Private cloud Managed cloud Public cloud
Virtual desktops Notebooks Tablets Smart phones
Delivery
Basel III
Market with distinct process
Actors organize and specialize
Intelligence is bought and sold
Defining the adversary
Cybercriminal
Nation stateHacktivist
The
adversar
y
Attack Life Cycle
Research Potential Targets
Research InfiltrationPhishing Attack and Malware
MonetizationData Sold on Black Market
DiscoveryMapping Breached Environment
CaptureObtain data
Exfiltration/DamageExfiltrate/Destroy Stolen Data
Unknown, but likely phishing
attack, insider or web exploit.
Admin credentials stolen.
InfiltrationPhishing Attack and Malware
Attackers obtain Sony IT asset
maps, admin usernames and
passwords, certificates and
RSA SecurID tokens
DiscoveryMapping Breached Environment
Malware exfiltrates
and overwrites data
on drives
Exfiltration/DamageExfiltrate/Destroy Stolen Data
Malware deployed
to map network,
propagate, steal
data
CaptureObtain data
Theft of email, trade secrets,
unreleased films
Attackers send blackmail
(11/21/14) email and start
posting files (11/26/14)
Compromised technology forces
Sony to use archaic business
methods, impeding operations
MonetizationData Sold on Black Market
Attackers target key Sony
employees
Sony network security audit
reveals that a firewall and 100
network devices were not
properly monitored and threats
were not reported. (9/25/14)
Research Potential Targets
Research
Attack Life Cycle of the Sony Breach
Unknown, but likely phishing
attack, insider or web exploit.
Admin credentials stolen.
InfiltrationPhishing Attack and Malware
Attackers obtain Sony IT asset
maps, admin usernames and
passwords, certificates and
RSA SecurID tokens
DiscoveryMapping Breached Environment
Malware exfiltrates
and overwrites data
on drives
Exfiltration/DamageExfiltrate/Destroy Stolen Data
Malware deployed
to map network,
propagate, steal
data
CaptureObtain data
Theft of email, trade secrets,
unreleased films
Attackers send blackmail
(11/21/14) email and start
posting files (11/26/14)
Compromised technology forces
Sony to use archaic business
methods, impeding operations
MonetizationData Sold on Black Market
Attackers target key Sony
employees
Sony network security audit
reveals that a firewall and 100
network devices were not
properly monitored and threats
were not reported. (9/25/14)
Research Potential Targets
Research
Estimated damages of $100M
MonetizationData Sold on Black Market
Threat IntelligenceHP Security Research
Detect AdversaryHP ArcSight
Research Potential Targets
Research
Block Adversary• HP TippingPoint• HP Fortify
InfiltrationPhishing Attack and Malware
DiscoveryMapping Breached Environment
Protect DataHP AtallaHP Voltage
CaptureObtain data
Attack Life Cycle
Exfiltration/DamageExfiltrate/Destroy Stolen Data
ActionHP Services
HP Security Research
Ecosystem
Partner
ESS
HP Security Research
SANS, CERT, NIST, ReversingLabs, software, and reputation vendors
• ~3000 researchers
• 2000+ customers sharing data
• 7000+ managed networks globally
• Automatically integrated into HP products
• HP finds more vulnerabilities than the rest of the market combined
• Top security vulnerability research organization for the past four years —Frost & Sullivan
Actionable security
intelligence
Thought Leadership
Innovative Research
HP TippingPointA layered approach to Network
Security when Every Second
Matters
Integrated
PolicyIntegrated
Policy
Advanced Threat Appliance (ATA)
• Superior detection over 80 protocols
• Defense against “patient zero” infection and
lateral spread
In-line Threat Protection with Next-Generation Intrusion Prevention• Inspects network traffic and blocks
against known vulnerabilities
• Reliable network uptime track record
Next-Generation Firewall
• NGIPS with enterprise firewall
• Granular application visibility and
control
Digital Vaccine
Labs• Industry-leading security
intelligence
• Delivery zero-day coverage
Security Management
System• Centralized management across NGIPS
and NGFW
• Single console to deploy devices and
policies
Swiss Federal Railways
“After a rigorous open bid process with lab
tests utilizing our own network traffic, we
selected the HP TippingPoint Next
Generation IPS 7500NX. We searched for an
IPS with minimal administrative effort, and
this solution allows us to protect our network
infrastructure using TippingPoint’s easy-to-
use but powerful security policies.”
—Erwin Jud, Lead Engineer for IPS Project
HP Fortify helps you protect your
applications
Assess
Find security vulnerabilities in any type of software
Assure
Fix security flaws in source code before it ships
Protect
Fortify applications against attack in production
Software security assurance
Application assessment
Application protection
In-house
Outsourced
Commercial
Open source
What is the worst??
23 April 2013: el twitter de AP fue hackeado y publicóuna nota falsa… Las bolsas
sucumbieron
HP Application
Defender
1,2,3
ProtectionStop attacks from inside the application
VisibilityActionable information through interactive dashboards and alerts
SimplicityInstall quickly and easily with a three-step deployment, get protection up and running in minutes
HP Application DefenderApplication Security Simplified
average time to detect
breach
229days
2013 January February March April May June July August September October November December 2014 January February
March April
Total Ammunition
Management Information
System (TAMIS) “It is this balancing act between fix and function that must be continually orchestrated for ongoing secure operations. The challenges of implementing an application security regimen on an already deployed web application—one that’s undergoing continual development, mind you—required a cultural shift to be incorporated into our development process. Once the commitment is made, I recommend that organizations going down our road pursue change quickly, adopt best practices, and then follow through. That’s the secret of our success with HP Fortify Software Security Center.” — Bob Torche, TAMIS Project
Manager.
HP ArcSight
Transform Big Data into
actionable security
intelligence
Collect
Real-time correlation
of data across devices to find
threats
Analyze
Cyber forensics,
fix what matters most first
Prioritize
Act with laser clarity against threats that matter
HP ArcSight Smart Connectors
BMW Group
“ArcSight ESM enables us to effectively
analyze our log data and know what’s really
happening on our network. We are able to
raise awareness within our organization,
comply with our own global IT security
policy, and meet audit reporting needs - and
in the process, we’ve become a business
enabler.” — Marc Seiffert, Senior IT Specialist,
BMW Group
Payments Security Cloud and Data Security
Information Protection & Control
Encrypt and manage keys
for data at rest and data in
public, private and hybrid
Clouds
Data classification and
security at the point of
creation for sensitive data
throughout its lifecycle
Secure payments and
transaction systems
v
HP AtallaHelps you secure your sensitive
information
80% of enterprises
16% reported a breach or exposure event
use cloud computing
“As the largest processor of Visa debit transactions
globally, Visa Debit Processing Services is
responsible for securing more than 23 billion debit
transactions in the U.S. and prepaid transactions in
the U.S. and Canada on an annual basis. HP Atalla is
a critical piece of our enterprise IT portfolio, delivering
innovative security solutions with the operational
excellence, performance and reliability that helps Visa
DPS enable secure access to business-critical
payment processing data.”
— Chris James, Senior Vice President
Product Development, Issuer Processing, Visa Inc.
Visa
130
%
Since 2009, time
to resolve an
attack has
grown
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Gracias!
Luis MartínezProduct Manager HP Security