HP Helps IT Leaders Prioritize Security Risk with New Dashboard

  • By Dian Schaffhauser
  • 03/01/12

After going on a buying spree for companies in the security space in 2010, HP has begun releasing a new generation of security products based on those acquired technologies. During this week's RSA Conference 2012 in San Francisco, the company announced an upcoming risk management dashboard for use by senior IT and security leaders, a security monitor specifically to deal with attacks against applications residing on servers, and a set of services and software addressing mobile security.

HP EnterpriseView, the dashboard product, provides real-time graphical identification of risks to the business from within the IT infrastructure. Data is pulled from multiple sources, including risk and vulnerability assessments, security configuration management monitoring, and compliance auditing, to generate an all-around prioritized view of IT-based organizational risk. According to HP, risks are ranked in a "risk register" based on properties set out by the Common Vulnerability Scoring System, an international standard for rating IT vulnerabilities, as well as by unique weightings determined by the institution's IT leadership.

The browser-based dashboard treats devices, risk models, and policies as objects that can be dragged and dropped into specific areas of the institution. For example, if a new regulation has surfaced that affects campus operations, a policy could be created and "dropped" into that specific organization to be applied to all IT resources and users in that department.

HP's Application Security Monitor (AppSM) taps into Fortify and ArcSight, two acquired products, for monitoring of threats in applications, such as data theft. It provides a central post from which to do searching, reporting, and analysis of Java- and .NET-based applications during runtime across multiple environments, including mobile. Its use requires no custom coding within the applications being monitored, and it can be applied to applications built in house or purchased from a third-party. However, customers will need to have a version of ArcSight deployed in order to use AppSM.

The company said pricing for HP EnterpriseView will start at $250,000. Pricing for AppSM will start at $5,000 per application server. Both offerings are expected to be available soon.

HP Mobile Application Security, currently available, is built on Fortify technology and uses HP security services to provide security checking of code used in Android and iOS apps. That security check can encompass the device, the operating system, communications, apps, integrations, or network code. The company does testing of apps built in-house, from open source, from outsourcing service providers, and from "off the shelf." Pricing is based on client requirements.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • person signing a bill at a desk with a faint glow around the document. A tablet and laptop are subtly visible in the background, with soft colors and minimal digital elements

    California Governor Signs AI Content Safeguards into Law

    California Governor Gavin Newsom has officially signed off on a series of landmark artificial intelligence bills, signaling the state’s latest efforts to regulate the burgeoning technology, particularly in response to the misuse of sexually explicit deepfakes. The legislation is aimed at mitigating the risks posed by AI-generated content, as concerns grow over the technology's potential to manipulate images, videos, and voices in ways that could cause significant harm.

  • glowing AI brain composed of geometric lines and nodes, encased within a protective shield of circuit patterns

    NIST's U.S. AI Safety Institute Announces Research Collaboration with Anthropic and OpenAI

    The U.S. AI Safety Institute, part of the National Institute of Standards and Technology (NIST), has formalized agreements with AI companies Anthropic and OpenAI to collaborate on AI safety research, testing, and evaluation.

  • a glowing gaming controller, a digital tree structure, and an open book

    Report: Use of Game Engines Expands Beyond Gaming

    Game development technology is increasingly being utilized beyond its traditional gaming roots, according to the recently released annual "State of Game Development" report from development and DevOps solutions provider Perforce Software.

  • translucent lock composed of interconnected nodes and circuits at the center

    Cloud Security Alliance: Best Practices for Securing AI Systems

    The Cloud Security Alliance (CSA), a not-for-profit organization whose mission statement is defining and raising awareness of best practices to help ensure a secure cloud computing environment, has released a new report offering guidance on securing systems that leverage large language models (LLMs) to address business challenges.