HPE Software Blog: Protect Your Assets
Share |

4 things to know about the latest nation state attackOpen in a New Window


CloudHopper. The name sounds innocuous but this is a fairly scary attack hitting managed service providers (MSPs). Like your typical advanced attack, the CloudHopper campaign begins with phishing and includes malware, and the attack ends with data exfiltration. Unlike your typical advanced attack, clients of vulnerable MSPs are compromised from a trusted network. Here are the 4 things you should know about this nation state attack.


At HPE, Strong AES FF1 Crypto and NIST Standards MatterOpen in a New Window


On April 12th, 2017, the National Institute of Standards and Technology (NIST) announced a cryptanalytic attack on the AES FFX Format-preserving Encryption (FPE) mode FF3, and as a result, NIST may revise Special Publication 800-38G, the document that specifies approved AES FFX FPE modes. The good news is this announcement has no impact on HPE SecureData customers who use AES FFX Format-preserving Encryption mode FF1.


Comprehensive threat detection, analysis, triage, and compliance management--with ArcSight ESMOpen in a New Window

As we continue to improve the solutions we provide enterprises, we have released our latest update to ArcSight Enterprise Security Manager—better known as ESM.


ArcSight activate!Open in a New Window


This paper briefly examines Defense in Depth (DiD), also known as the “castle approach,” then defines Defense Monitoring in Depth (DMiD). Often, DiD is described as deploying multiple layers of security controls or defenses with the hope that if an attack breaches one layer, the next layer may stop or delay the attack.


HPE Security Fortify 17.1 product release announcementOpen in a New Window

hpe logo.png

HPE Security Fortify is pleased to announce the immediate availability of HPE Security Software Security Center (SSC) and HPE Security Fortify Static Code Analyzer (SCA) 17.1, HPE Security Fortify WebInspect and HPE Security WebInspect Enterprise 17.1, and HPE Security Fortify Application Defender releases updates monthly.


Malware monitoringOpen in a New Window


The debate about whether antivirus software is still useful has been going on for a few years now. In spite of lots of advancements, identifying each and every attack is still beyond the scope of antivirus solutions. At least it seems reasonable to infer that based on the major breaches we have seen to date.


Digital transformation: Defining the next wave of cybersecurityOpen in a New Window



Earlier this year, I had the opportunity to present at Cybertech 2017, the largest security conference of its kind outside of the United States.


Application Defender protects against critical Struts exploit CVE-2017-5638Open in a New Window


On March 7, 2017, a zero-day exploit was released which targets the popular Apache Struts framework.  This vulnerability is identified by MITRE advisory CVE-2017-5638, and is a critical issue which teams should address immediately to prevent HTTP response stream modification, as well as OS command execution on the application server. 


Securing innovationOpen in a New Window

securing innovation.PNG

Why is innovation together with security so important?  To win in the marketplace, businesses must grow and innovate. To succeed, they must adopt new technologies, innovate with new products, and find new partners to expand their business.


Government-wide software agreement between GSA and HPE could save millionsOpen in a New Window

money eye.png

A recent government-wide software agreement between HPE and GSA has enormous savings potential. With the implementation of HPE Software products and services, federal agencies can expect to save more than $100 Million through cost-avoidance alone! This is in addition to the $50 Million in acquisition savings.  


HPE Security Fortify Software Security Content Critical Advisory SupportOpen in a New Window

hpe logo.png

HPE Security Fortify Software Security Research (SSR) is pleased to announce the immediate availability of an update to HPE Security Fortify WebInspect SecureBase (available via SmartUpdate). This update includes support for critical Apache Struts 2 vulnerability (https://struts.apache.org/docs/s2-045.html). The vulnerability is identified by MITRE advisory CVE-2017-5638.


Transforming government through secure innovationOpen in a New Window



With 6 tracks to choose from at the HPE Software Government Summit, there’s a little something for everyone.  Read on to get insight into some of the tracks and sessions available to you, as a security professional!


Join HPE Security at InfoSec World 2017Open in a New Window


Today, we are bombarded with constant and disruptive change. To achieve success, you have to innovate faster than the competition. Security can’t slow you down; however, NOT considering risk in this increasingly connected world jeopardizes innovation. So how do you achieve that success? Join us at InfoSec World 2017.


Build your plan for the 2017 HPE Software Government SummitOpen in a New Window


Are you ready for the 7th annual HPE Software Government Summit? Read this blog for more information on the agenda, speakers, and more! 


The 2017 State of SecOps: Attempts to transfer risk with managed servicesOpen in a New Window

secops box.PNG

In this 8-part blog series, we give a high-level overview of the findings and lessons learned in the 2017 State of Security Operations Report. This is part 4, wherein we discuss attempts to transfer risk with managed services.


Top 10 reasons you should attend HPE Software Government SummitOpen in a New Window


Are you ready to learn about Government transformation through secure innovation? Then join us at the HPE Software Government Summit on March 22nd, in Washington, D.C. Here are the top 10 reasons you should go...


HPE Security Fortify continues to be a leader in Application Security Testing!Open in a New Window

garter mq 2017.PNG

The 2017 Gartner Magic Quadrant for AST was just released. As the first AST vendor to provide capabilities in SAST, DAST, IAST and RASP, Fortify continues to lead through innovation, taking a leadership position for the 7th year in a row!


Save-the-date: Protect 2017!Open in a New Window


Save the date! Protect is coming to Washington, D.C. September 11-13th, 2017! 


ArcSight for the win!Open in a New Window

sc awards 2017.PNG

HPE Security is thrilled to announce that ArcSight is the winner of “Best SIEM Solution” by SCMagazine in their 2017 SC Awards. Winners were announced on February 14th, 2017 at RSA Conference in San Francisco, CA. 


Looking for the fastest threat investigation solution? Found it!Open in a New Window

siem arcsight.PNG

HPE debuts ArcSight Investigate, the industry’s fastest threat investigation solution, at RSA Conference 2017! 

Contact Us

Vivit Worldwide
P.O. Box 18510
Boulder, CO 80308

Email: info@vivit-worldwide.org


Vivit's mission is to serve
the Hewlett Packard
Enterprise User
Community through
Advocacy, Community,
and Education.