by Sarah Kuranda
Courtesy of CRN
Hewlett Packard Enterprise rolled out a series of security updates across its portfolio Wednesday, including enhancements around HPE SecureData, HPE Fortify and HPE ArcSight.
HPE made the announcements at its HPE Protect 2016 event, where it hosted an estimated 2,000 users in National Harbor, Md., this week.
With the product launches and integration, Palo Alto, Calif.-based HPE looks to set itself apart in a crowded market by moving security offerings closer to what matters to organizations, with more power and simplicity, said Chandra Rangan, vice president of marketing of enterprise security products.
“Security needs to get closer to what matters most to organizations and attackers,” Rangan said. “Attackers are really going after data…and applications are getting less secure, not more secure….Our whole value is to get security closer to the data…and invest heavily in operations for detecting and responding to threats.”
The launches are the first new products since HPE announced the spin-out of its “non-core” software assets to Micro Focus in a $8.8 billion merger deal. HPE confirmed in an email that the new products launched at HPE Protect will fall under that deal but product names will remain the same for the time being.
HPE unveiled two updates to its HPE ArcSight platform with the launch of HPE ArcSight Data Platform 2.0. The first update, which Rangan said added “visibility without boundaries,” increases the speed and scalability of data collection and management by around 50 percent. By doing that, Rangan said companies using the ArcSight platform will have stronger capabilities for bulk data collection and management, as well as security analytics. The 2.0 update also opens up the SIEM solution to third-party integration, allowing partners to connect it to any data source from other vendors. That gives partners flexibility in where the data is coming from, where it can be analyzed and where it is stored, Rangan said.
For partners, Rangan said the updates to ArcSight allow them to seamlessly build out security services for customers in a way that fits their existing environment and leverages the full power of big data and analytics for security.
“We view this is how we make this easier for our channel partners to provide these security services, more powerfully and intuitively. The cost and complexity goes down, but the value goes up,” Rangan said.
HPE also launched the HPE Fortify Ecoystem and Fortify on Demand continuous application monitoring service. Rangan said the new recurring revenue service allows partners to ramp up customers’ application security by integrating security through the entire development life cycle. By doing so, partners can spot and fix vulnerabilities during the development process and after it is put into the customer’s environment, with discovery, scanning and runtime detection capabilities, he said.
The HPE Fortify Ecosystem works to make it simpler for security to get built in during the DevOps process, with integrated systems in functional categories such as cloud, containers, security, open source and more.
Dennis Hurst, president and founder of Atlanta-based Saltworks Security, a longtime HPE partner, said this type of solution is especially important as customers move to a more rapid development cycle. With the continuous application monitoring service and HPE Fortify Ecosystem, Hurst said Saltworks Security can help customers rapidly catch vulnerabilities and remediate them in production.
“The world has really changed, as we see it. You used to have a point where an application was ready to go live and security would have to come in and bless the application….What we see now is that is not the [case]. The focus now is to ensure we have an ecosystem to make secure applications and monitor…so you don’t have to stop on your way out the door,” Hurst said.
Hurst said he hopes HPE continues to reduce friction for adding security to application development , particularly around integration and automation.
Finally, HPE unveiled the native integration of HPE SecureData and the HPE Atalla Hardware Security Module. Rangan said this integration is important because its creates true end-to-end encryption protection wherever the data sits, from the device to the cloud. He said that will help partners move away from a “walls and silos” approach to data security toward a more open architecture with greater flexibility and simplicity.
The HPE SecureData and HPE Atalla Hardware Security Module integration will be available globally on Sept. 21, the company said. The HPE Fortify Ecosystem and continuous application monitoring service are currently available globally. The HPE ArcSight Data Platform 2.0 will be available globally on Oct. 5, the company said.