Behind the scenes at Labs
Showing results for 
Search instead for 
Did you mean: 

HP Labs-developed DNS logging security solution showcased at HP Protect 2014




Contributed by Simon Firth, freelance technology journalist


A novel HP security solution, based on research conducted at HP Labs and enabling the detection of hitherto invisible attacks on enterprise networks, was front and center at HP’s Protect 2014 security event in Washington, D.C. this week.


Called out by Senior VP and GM of HP Enterprise Security Products, Art Gilliland, in his conference keynote, the new HP DNS Logging technology is helping speed the detection of malware that typically remains hidden for months, or even years, before it is activated and discovered.


Gilliland was joined on stage by Brett Whalin, HP Chief Information Security Officer, who detailed how the concept was tested on HP’s own network, which generates some 24 billion DNS queries a day.

Art Gilliland, Sr. VP and GM of HP Enterprise Security Products and Brett Wahlin, HP CISO at the HP Protect General Session. Begin watching at the 27 min mark for the section about HP Labs.


Because of those huge volumes, Whalin noted, until now “we’ve never been able to see trends or patterns within DNS.” The new HP Labs algorithms overcome that barrier by winnowing out information known to be non-hostile and thereby massively reducing the number of records to be checked. In his presentation, Whalin shared how, in testing out an alpha version of the solution, “we were able to find a BotNet as it was happening and then go out and remediate it – and the only way we found it was through its DNS pattern.”


A major theme of Protect 2014 has been turning information into action in the security space, explained Gilliland in a conversation with Fortune published in conjunction with the conference. Intelligently processing information at volume, he said, can have dramatic results. “The year before last the mean time to [attack] detection was 416 days based on the data we’ve seen. Last year it was 243 days,” he reported. Thanks to technologies like HP’s new DNS solution – which is now available to HP customers as part of HP TippingPoint’s Reputation Digital Vaccine (RepDV) service – we can imagine reducing those times to a matter of days, Gilliland suggested.


“This innovation draws on our understanding of the nature of attacks, how to process and store a huge amount of data, how to visualize that data and draw actionable insight from it,” said Martin Sadler, VP Security and Cloud. “The DNS Logging technology from HP Labs is protecting one of the largest intranets on the planet. As a leading global research organization, at HP Labs we’re leveraging our top-caliber technical talent to invent solutions to complex problems, and then working with customers and HP’s businesses to trial and develop the concept into product to help make our online world a safer place.”



Related Links:


See Gilliland and Whalin’s keynote presentation at HP Protect.


Read the Fortune Q&A with HP Enterprise and Security chief Art Gilliland


Learn more about HP Protect 2014.



0 Kudos
About the Author


Online Expert Days - 2020
Visit this forum and get the schedules for online Expert Days where you can talk to HPE product experts, R&D and support team members and get answers...
Read more
HPE at 2020 Technology Events
Learn about the technology events where Hewlett Packard Enterprise will have a presence in 2020
Read more
View all