Beruflich Dokumente
Kultur Dokumente
We all know the security market has changed. There are more threats than ever before.
Cyber-crime is on the rise and the rewards for cyber-criminals is greater than ever
Likewise, impact to corporations is greater than ever
In the news: Sony Playstation, Epsilon, Citigroup
New cyber-criminals are well funded, coordinated, and more sophisticated
Organized crime
Nation-state sponsored
Political hacktivists
Clearly, the traditional approach is not working
Cyberkriminalitt ist im Vormarsch und der Gewinn fr Kriminelle war nie grer
Ebenso ist aber auch der Druck auf die Firmen noch nie grer gewesen
Wir sehen Firmen wie Sony, Citigroup, RSA usw. in den Schlagzeilen wie sie
anscheinend von einer Meute gezielt gehetzt und erlegt werden
Internet Kriminelle sind sowohl finanziell als auch technisch gut ausgerstet und mit jeder
Krise stehen mehr gut ausgebildete Personen zur Verfgung
Wir sehen uns sowohl mit organisierter Kriminalitt konfrontiert als auch mit von
Staaten gesponsorten Angriffen sowie politisch motivierten Attacken
Es ist offensichtlich, da der bisherige Ansatz gescheitert so nicht funktioniert
Regulatory Pressures
(Increasing cost and complexity)
Government-imposed complicance requirements
Using compliance to define your security strategy sets a low barthe last place
you want to be in this environment
Your security effectiveness is only as good as the security research behind it and DVLabs
has been the industry leader for years. In addition to our own in-house security
researchers, DVLabs manages Zero Day Initiative (ZDI) which is a global organization of
researchers constantly looking for new application vulnerabilities:
Plus, over 2000 customers leverage and contribute information to our ThreatLinQ security
portal. ThreatLinQ houses up to the minute security information from around the globe
that customers have access to 24 hours a day, 7 days a week.
We also partner with other leading research organizations like SANS, CERT and NIST to
consolidate security intelligence resulting in the most advanced intelligence network
anywhere in the world.
10
We package our software to meet the needs of our customers, recognizing that everyones
starting place and journey may be different.
In 2011 HP pioneered the idea of the worlds first Performance System for IT the IT
Performance Suite. In just 12 months, HPs IT Performance Suite has helped IT departments
improve the performance of IT outcomes while lowering costs and increasing business
alignment.
With the acquisitions of Autonomy, Arcsight and Vertica were now ready to able to offer
performance systems tailored to the needs of Security, Legal and Marketing professionals, to
ensure that no matter what, your applications and information work for you.
These HP Performance Systems combine HP software and expertise to develop and run the
best applications and deliver insight in real time from 100% of your information, all while
ensuring your IT assets are secure, reliable and compliant.
All supported by the industry leader in customer satisfaction for enterprise software as well as
a global partner ecosystem.
And were proud to have a portfolio that is open and flexible enabling you to run our software in
diverse environments on your infrastructure or in the cloud, easily integrating to your systems
and data sources, all while taking advantage of some of the most innovative computer science
and mathematics breakthroughs covered by over 2000 patents and patents pending.
11
12
Fortify gives you advanced technologies to ensure your applications are secure. Fortify
inspects applications at the source code level (static testing) and while they are running
(dynamic testing). Fortify supports more languages than any other application security
vendor with significant strengths in the area of mobile application security. But its not
just built for custom applications, Fortify and determine if vulnerabilities exist in
commercial, custom and open source activities. And even more differentiated, Fortify can
be delivered as a software you purchase or as a service. With unmatched flexibility and
depth of coverage, Fortify ensures you have a world class application security program in
place.
13
The ArcSight solution gives you the ability to collect information from any device, any time
any where to ensure you have complete enterprise security visibility. Whats more,
ArcSight is supported by the revolutionary CORR Engine which delivers industry leading
correlation speeds with significant storage requirement decreases from prior versions.
The ArcSight solution allows you to capture logs, correlate events, monitor applications,
check for fraud and manager uses and controls.
Focusing on turning information into intelligence, the ArcSight solution stands apart in the
industry
14
15
WebAppDV Scan a web application for vulnerabilities and based on the results custom
signatures or filter can be created to protect the web application by preventing traffic
passing through that are trying to exploit the vulnerability.
Good for inhouse applications.
Its a service.
16
17
18
19
20
21
22
Slide 22
A1
Philippa this is Deb. Tomas says, "this is an image pulled from the Internet and may be copyrighted.
Philippa could you put in some kind of image similar to this suggesting a hacking activity, but something
aesthetically pleasing?"
Author, 03/02/2014
The intelligence that comes to TC will be normalized so relevant data such as IP addresses
and file hashes can be isolated and distributed to companies to feed for example their
ArcSight SIEM and TippingPoint devices.
23
24
25
3 companies. All 3 have different products, and security profiles. Company A detects a new
zero day and shares that with Threat Central. Companies B and C both receive an event
with the actionable indicators from company As submission.
Company B detects a malware variant that is not discovered in company A or C.
And so on
26
E.g. One for UK Gov, one for US Gov, one for Financial organisations, one for
telcos or even smaller communities or larger communites.
27
28
29