September 2, 2015
Today at HP Protect, the company’s annual enterprise security user conference, HP is unveiling new offerings that centre on security analytics and are designed to help organizations shift from legacy security methods to a modern approach that focuses on protecting the interactions among users, applications and data to help protect enterprises’ most valuable assets.
Organizations, said HP, are inundated with security data on a daily basis and face the challenge of translating this data into meaningful insights to proactively manage threats that pose legitimate risk.
“Breach detection is top of mind for security buyers and the field of security technologies claiming to find breaches or detect advanced attacks is at an all-time noise level,” said Eric Ahlm, research director at Gartner, in a recent Gartner press release. “Security analytics platforms endeavor to bring situational awareness to security events by gathering and analyzing a broader set of data, such that the events that pose the greatest harm to an organization are found and prioritized with greater accuracy.”
One study found that organizations receive an average of 17,000 malware alerts per week, and spend an average of US$1.27 million annually in time and resources responding to inaccurate and erroneous threat intelligence.
Due to the volume of data that enterprise security professionals must monitor, approximately 4% of all malware alerts are actually investigated, leaving a significant gap in security coverage. Additionally, traditional endpoint security solutions and manual intervention are not intercepting all critical malware infections, leaving organizations further exposed.
To help organizations automate the analysis of threat data, HP introduced HP DNS Malware Analytics (DMA), which is designed to identify infected hosts by inspecting an enterprise’s DNS traffic. Developed in partnership with HP Labs, HP’s central research organization, and HP’s internal Cyber Defense Center, this clientless, algorithmic-driven service uncovers infected hosts without endpoint agents, helping organizations quickly detect high-risk threats, reduce data breach impact and enhance overall security posture.
“Organizations today are faced with growing volumes of security data and without the ability to separate the signal from the noise they can fall victim to undetected malware attacks, which can have serious financial and operational impact,” said Sue Barsamian, senior vice president and general manager of enterprise security products at HP.