
HP ESP security integrations, pt 2: Dynamic protection with HP Fortify and TippingPoint

markpainter ‎07-10-2014 07:38 AM - edited ‎06-11-2015 09:37 AM

Communication of vulnerability information remains a key challenge for the security industry on a variety of levels. On the product level, a lack of communication can be the difference between preventing a successful attack and failing to. Nothing reveals this potential hole quite like applications. Application security requires constant testing and reevaluation because of frequently changing variables. What unintended security consequences did change X cause? What old technology is suddenly vulnerable to a new attack? What unintended access points did our developers inadvertently leave open? So, dynamic application security testing of production applications is a key component of achieving software security, especially considering that applications remain the number one reason organizations suffer successful data breaches. Using the information discovered by application testing can be tricky, though.

For instance, what happens between the time you discover an application vulnerability and the time you can actually fix it in production code? For most organizations, it’s a white-knuckle moment, because the chances of it being actively exploited are high and fixes in production code can take weeks to implement. In other words, you’re exposed. However, customers of HP Fortify and HP TippingPoint can respond dynamically to newly discovered threats and protect themselves during this critical time by creating custom virtual patches.

How does this process work? Quite simply, actually. HP WebInspect can perform an automated penetration test of a production web application to determine which vulnerabilities it is susceptible to. Information about each vulnerability includes how it’s executed, its implications, and how to fix it. WebInspect can then export that vulnerability information in a format that HP TippingPoint Security Management System (SMS) can understand. HP TippingPoint SMS can then activate and distribute custom filters to managed TippingPoint products to protect against the vulnerabilities discovered during the HP WebInspect dynamic security scan.

The advantages of this integration are several. For starters, it provides protection during the time it takes development to craft fixes for the vulnerabilities. Sometimes code fixes are not easy to implement in a timely fashion. In a world where even one vulnerability can lead to a complete compromise, the importance of being able to virtually patch vulnerabilities can’t be overstated. Another advantage is the simplicity with which the software solutions can be implemented: these virtual patches can be created with a few simple clicks. As well, these integrations are out of the box, meaning no extra licensing is required. Finally, these integrations also serve as part of a larger strategy within HP ESP. Bringing together different security technologies to create a holistic method of security that realistically deals with how attacks occur in the real world is the driving impetus and ultimate goal behind what we do here. Products that share information are a key part of that.

For a more in-depth demonstration of how integrated HP Fortify and HP TippingPoint technology can protect an organization from critical vulnerabilities like SQL Injection, watch the video at the following link:

http://1drv.ms/1qUVOhT