HP uses big data to detect persistent threats

There is no shortage of vendors offering big data analytics solutions designed to help enterprise companies enhance revenue-boosting decision processes, but Hewlett-Packard is extending big data analytics capability further to security applications.

The Palo Alto, Calif.-based company today announced upgrades to its HP ArcSight portfolio that includes capabilities for unified security analytics for big data as well as expanded monitoring features to speed up detection of persistent threats.

“Adversaries only need to get it right once to invoke serious damage on an organization’s private data,” said Haiyang Song, vice-president of ArcSight enterprise security products at HP. “With solutions designed to enhance threat detection through improved security analytics for big data, HP (NYSE:HPQ) enables customers to quickly identify potential attackers and take action proactively.”

The upgrades include:

  • Out-of-the-box threat profiles and threat profile intelligence for HP ArcSight Threat Detector 2.0
  • HP ArcSight Threat Response Manager 5.5 gets cloud-ready, closed-loop capabilities for faster threat detection and response time to mitigate advance persistent threats (APT)
  • Enhancements to HP ArcSight IdentityView 2.5 which now has expanded correlation of user identity, roles and activities across events and other security incidents

With unified analytics from applications, users, networks and systems, HP provides a unique portfolio of solutions integrating information security with big data, HP said.

“Collectively, these solutions process events at scale, provide deep insights out-of-the-box, correlate user context and provide actionable intelligence to reduce the risk of APTs,” HP said in a statement.

With the launch of HP ArcSight IdentityView 2.5, HP also expanded the number of users that a single instance can monitor by 10 times.

If a user’s activity on the network does not correspond to permitted access controls and baseline bahaviour based on historical correlation data, the solution will flag the profile for further investigation. This would allow the company’s security operations team to identify intentional versus unintentional activities and mitigate potential threats in real-time.

HP ArcSight Identify View v2.5, HP ArcSight Threat Response Manager and HP ArcSight Threat Detector v2.0 are now available worldwide.



Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now