Menu
HP beefs up enterprise security suite with tools to root out malware, app vulnerabilites

HP beefs up enterprise security suite with tools to root out malware, app vulnerabilites

The Fortify app testing service has gained machine learning analysis capabilities

Hewlett-Packard has devised two new ways of securing enterprise systems in the endless war on malicious network attackers.

One service inspects the Internet addresses being requested by employees for malicious links and the other service learns how an organization's coders write their programs.

The two new releases aim to "protect the interactions among your most valuable assets: your users, your applications and your data," said Frank Mong, HP vice president of solutions. The company announced the new software at the HP Protect security conference, held this week near Washington.

HP DNS Malware Analytics (DMA) monitors outbound DNS (Domain Name System) requests to ensure employee browsers aren't contacting rogue or malware Web sites. A DNS server provides specific numeric Internet addresses to end-user computers requesting Web sites by their domain names.

The service identifies those Web addresses that appear to be linked to suspicious activity. DMA combs through petabytes of DNS data collected by HP to identify suspicious or known malicious sites. Attempts to visit these blacklisted sites point to the possibility that malware is about to be installed on the user's machines.

"We can see the machine calling out, and we can stop the payload from being downloaded," Mong said.

The software uses an algorithmic engine to spot malware, drawing data from large numbers of DNS transactions collected by HP and its customers. This approach is superior to malware software that relies on a set of pre-determined rules, and thus can't be updated quickly enough to spot emerging threats, according to the company.

DMA is designed to work with HP ArcSight, a software suite for managing overall enterprise security. Earlier this year HP introduced capabilities in ArcSight, called HP User Behavior Analytics (UBA), that can determine if a user's credentials have been hijacked for malicious use. BMA and UBA can work together to prevent attackers from gaining entry into the internal network.

The job of spotting malware attacks is big one, and lots of time is wasted on tracking down false alarms. On average over 17,000 malware alerts are issued per week, and organizations spend an average of $1.27 million annually responding to erroneous threat intelligence, according to the security research firm Ponemon Institute. An algorithmic approach could cut down on the number of false positives, the company said.

HP has also updated its HP Fortify software with a new set of analysis tools. Fortify is a set of services and software for inspecting code to ensure it does not have bugs that could be exploited by malicious users.

The new analysis technique, now available on the Fortify service, uses machine learning algorithms to understand how an organization's developers write their applications, so it can more quickly identify common mistakes.

"Our machine learning capabilities allow the core engine to keep learning from typical coding mistakes, so we can scan faster, and we get much more accurate results," Mong said.,

The service can be inserted into the typical testing processes that new applications undergo before being deployed.

HP DNS Malware Analytics service, available on September 15, will start at US$80,000 a year, for analyzing up to 5 million DNS packets per day. The HP Fortify scan analysis software is now available as a new feature on the HP Fortify on Demand service.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

With New Zealand businesses now open to innovation, the industry sits on the cusp of significant disruption in the data centre. Driven by software-defined networking, the future of the data centre is fast becoming reality, as the channel seeks to keep up, keep innovating and keep growing. APC by Schneider Electric, Lenovo and key partners outlined how the channel can capitalise at The Grill restaurant in Auckland.

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​
Show Comments