Hewlett Packard Enterprise Announces New Security Solutions for Enterprise IT

SAN FRANCISCO, CA: Hewlett Packard Enterprise (HPE), a provider of information technology and services, announces new cyber reference architecture (CRA), mobile security solutions and an expanded ecosystem of partners that enable organizations to build protection into the fabric of their enterprise IT.

The HPE security helps organizations design security and risk management processes into IT operations by stopping attacks using its comprehensive detection and response capabilities.

Given the increased growth of connected devices with the emergence of Internet of Things (IoT), security professionals are challenged with identifying risks related to business critical assets without suppressing innovation. According to a report by IDC, the assessment of IoT devices along with the need to mitigate risks associated with IoT is prompting organizations to gain visibility into network traffic generated by these connected devices. HPE aims to resolve these issues by:

Providing a Framework for Building in Cyber Resiliency

 HPE introduces the HPE Cyber Reference Architecture, a comprehensive information security framework designed to help build resiliency into organizations to stop most complex security threats. Comprising 12 domains, 63 sub-domains and over 350 distinct security capabilities, the HPE Cyber Reference Architecture defines solutions to today's most complex cyber security challenges, including cloud, mobility, Machine-to-Machine (M2M) and Internet-of-Things (IoT).

Building Security into the Mobile Landscape

 In a recent research study, HPE inferred that many mobile applications collect huge quantities of data from users and do not take the precautionary measures to protect this sensitive information. This led HPE to introduce its HPE Security Fortify on Demand to scan more than 36,000 iOS and Android mobile apps, and reveal the impact of increasing data collection, as well as recommendations for how organizations, mobile application developers and enterprises can better protect their data.

For security of mobile applications HPE introduces HPE SecureData Mobile, an end-to-end data encryption solution designed to protect sensitive information in mobile environments. This offering enables organizations to build data security into their mobile applicationsand safeguard the data throughout its full lifecycle extending security beyond traditional technologies such as TLS, VPN, and storage encryption. It also leverages HPE Format-Preserving Encryption, a standards-based encryption to make only minimal modifications to existing applications, while providing data security for mobile applications or mobile purchases.

Expanding the ArcSight Ecosystem for Enhanced Detection and Response

HPE announces a number of new ArcSight-powered offerings and strategic partnerships that promote collaboration among security leaders in the industry:

-HPE Security ArcSight & HPE Security Services: United Defense
HPE announced the continued evolution of its Threat Defense Services portfolio, which includes security monitoring and managed Security Information and Event Management (SIEM) services powered by HPE Security ArcSight. Enhancements to the services portfolio include automated security alerting services, security investigation and response, attacker profiling and user behavior and malware analytics solutions. 

-HPE & Aruba ClearPass: Mobility Made Safe
HPE Security ArcSight now has deeper two-way integration with Aruba ClearPass. Building on the capability for HPE Security ArcSight to consume event, user and device context from ClearPass, ArcSight now also allows the security analyst to quarantine or remove endpoints from a network via ClearPass when malicious behavior is detected.

-HPE Security ArcSight & vArmour: Securing the Enterprise Cloud
With vArmour DSS, users of HPE Security HPE Security ArcSight ESM now gain visibility into application communications from every workload across public and private clouds. Organizations will also be able to respond in real time to advanced persistent threats that are identified by HPE Security ArcSight ESM by making policy changes using vArmour's application-aware micro-segmentation -- stopping an attack. 

-HPE Security ArcSight & Fortinet: Enhancing Device Visibility
The pairing of HPE Security Logger and Fortinet FortiGate will deliver a security bundle from two leaders in security that goes beyond the firewall to provide in-depth visibility of all devices across an organization. With this partnership, enterprises can capture, store and analyze security events for accelerated investigation and forensics, while supporting compliance needs. 

-HPE Security ArcSight & IT-ISAC: Sharing Actionable Intelligence
HPE Threat Central, a community-sourced security intelligence platform that incorporates dynamic threat analysis with its product agnostic approach and support for industry standards such and STIX and TAXII,HPE Threat Central provides derived, relevant and actionable intelligence through both machine-machine and human-human interfaces.

-HPE Security ArcSight & PwC: Enhancing Network Visibility
PwC's Cyber Security & Privacy practice now includes the HPE DNS Malware Analytics (DMA) solution in its Security Assessment Services portfolio. This will provide enhanced network visibility to PwC's client organizations allowing them to more easily detect and identify hosts infected with malware, bots or other unknown threats.

"The traditional bolt-on method of enterprise security, emphasizing network defense and perimeter control, is proving to be insufficient against today's radically changing threat landscape," says Sue Barsamian, senior vice president and general manager, HPE Security Products, Hewlett Packard Enterprise. "Organizations need a risk and resiliency roadmap that goes beyond this traditional focus and builds security into every layer of the IT stack -- from the infrastructure to the apps to the data -- along with comprehensive detection and response capabilities that will drive the next generation of intelligence-driven security operations."