Attending a recent social event, I was able to get together with some major names from IT giant HP.
The four executives at the event represented some of the technology acquisitions that the company had made over the past few years, including Fortify, ArcSight, Vistorm and TippingPoint, via the acquisition of 3Com.
Speaking with Andrzej Kawalec, CTO of HP enterprise security services UK; Jason Schmitt, director of product management for HP Fortify; Frank Mong, VP and general manager of enterprise security product solutions; and Rob Greer, VP and general manager of HP Software, network security; I firstly asked the group if they felt that managing a collection of technologies would work better if they could ‘cooperate' and share information among each other.
Kawalec said that HP "looks after the biggest companies in the world and we share that intelligence deep into our capability". Greer commented that what made ArcSight great was its capability of looking into all sources, and that HP has the technologies to deliver to it.
He said: “With TippingPoint, we integrate with ArcSight to find that information to integrate to get better intelligence. It is my belief that people get in externally and each phase of technology and services gives intelligence on this. If you integrate the environment, then the game is not over.
“Do you know where the assets are? That is what ArcSight correlates and shortens the timeframe to identify and do something about it. The integration with Fortify means that security challenges can be addressed initially, so you can create a kind of ‘digital vaccine' to make changes.”
Kawalec said that the eight security offices that HP has around the world send information into ArcSight to collect and correlate information in order to get context. “Tying it all together, it can be really amazing,” he said.
Mong said that HP is focused on what the customer wants, and its ecosystem of servers means it takes the knowledge and loads it into the technology. He said: “If you look at a data breach, you don't just look at the network or the firewall or intrusion protection system, as 84 per cent of vulnerabilities are in the applications, so that is where Fortify comes in.”
Schmitt commented that HP's view on application security is not about identifying flaws, but simulating attacks, and its WebInspect technology is focused on this. Kawalec said that this offers a hosted model to allow the user to use the tool and move on.
Greer said: “We know you cannot stop and you cannot be 100 per cent secure, so we make it secure so that those who attack you give up and go somewhere else.”
HP talked up a concept called the ‘five step kill chain', which they said was the following:
Mong said that it is all about countering a threat and knowledge, and that it makes sense to protect the user and make it harder for the attacker to get in.
He said: “We put together the complete package, as it is not a case of ‘if', it is ‘when'. It is not layered defence; it is the process and what layers there are. We're putting in technology that slows the attacker down.
“We are still talking layers, but it is just tools and users need a process to understand and counteract the threat.”
Getting back to the point of technologies working together, Kawalec said that often there is "fracture points between products and services", while Greer said that often a lot of technologies do not standardise and there is too much of a trade-off between risk and accessibility.
“People don't want to pay for security, they will not compromise on performance. Security should be an enabler.”
I asked the group where they felt HP was in the security space, following on from the same question I had asked the security brands of Dell last year. Mong said that "HP has to be in security", whether it is for PCs and laptops or servers, all environments have security at the core.
Kawalec said: “No one is doing consumer, hardware, software and servers at such a massive scale. From tablet to the printer to the network, if it is running for enterprise, no one is doing it. Security is a massive market.”
Greer concluded by admitting that there are some gaps between its technologies and that the rules of the game have to change, but that "HP has the best way of addressing that".
So less a case of mind the gap in the long term, but could the company be on the lookout for those technologies where it feels it is not delivering to users in order to deliver a full package at the moment? Its acquisition strategy has been pretty quiet for a couple of years, but could things be changing?