- About Vivit
- LUGs & SIGs
- Vivit Blogs
- News & Events
- Knowledge Base
|HPE Software Blog: Protect Your Assets|
CloudHopper. The name sounds innocuous but this is a fairly scary attack hitting managed service providers (MSPs). Like your typical advanced attack, the CloudHopper campaign begins with phishing and includes malware, and the attack ends with data exfiltration. Unlike your typical advanced attack, clients of vulnerable MSPs are compromised from a trusted network. Here are the 4 things you should know about this nation state attack.
On April 12th, 2017, the National Institute of Standards and Technology (NIST) announced a cryptanalytic attack on the AES FFX Format-preserving Encryption (FPE) mode FF3, and as a result, NIST may revise Special Publication 800-38G, the document that specifies approved AES FFX FPE modes. The good news is this announcement has no impact on HPE SecureData customers who use AES FFX Format-preserving Encryption mode FF1.
As we continue to improve the solutions we provide enterprises, we have released our latest update to ArcSight Enterprise Security Manager—better known as ESM.
This paper briefly examines Defense in Depth (DiD), also known as the “castle approach,” then defines Defense Monitoring in Depth (DMiD). Often, DiD is described as deploying multiple layers of security controls or defenses with the hope that if an attack breaches one layer, the next layer may stop or delay the attack.
HPE Security Fortify is pleased to announce the immediate availability of HPE Security Software Security Center (SSC) and HPE Security Fortify Static Code Analyzer (SCA) 17.1, HPE Security Fortify WebInspect and HPE Security WebInspect Enterprise 17.1, and HPE Security Fortify Application Defender releases updates monthly.
The debate about whether antivirus software is still useful has been going on for a few years now. In spite of lots of advancements, identifying each and every attack is still beyond the scope of antivirus solutions. At least it seems reasonable to infer that based on the major breaches we have seen to date.
Earlier this year, I had the opportunity to present at Cybertech 2017, the largest security conference of its kind outside of the United States.
On March 7, 2017, a zero-day exploit was released which targets the popular Apache Struts framework. This vulnerability is identified by MITRE advisory CVE-2017-5638, and is a critical issue which teams should address immediately to prevent HTTP response stream modification, as well as OS command execution on the application server.
Why is innovation together with security so important? To win in the marketplace, businesses must grow and innovate. To succeed, they must adopt new technologies, innovate with new products, and find new partners to expand their business.
A recent government-wide software agreement between HPE and GSA has enormous savings potential. With the implementation of HPE Software products and services, federal agencies can expect to save more than $100 Million through cost-avoidance alone! This is in addition to the $50 Million in acquisition savings.
HPE Security Fortify Software Security Research (SSR) is pleased to announce the immediate availability of an update to HPE Security Fortify WebInspect SecureBase (available via SmartUpdate). This update includes support for critical Apache Struts 2 vulnerability (https://struts.apache.org/docs/s2-045.html). The vulnerability is identified by MITRE advisory CVE-2017-5638.
With 6 tracks to choose from at the HPE Software Government Summit, there’s a little something for everyone. Read on to get insight into some of the tracks and sessions available to you, as a security professional!
Today, we are bombarded with constant and disruptive change. To achieve success, you have to innovate faster than the competition. Security can’t slow you down; however, NOT considering risk in this increasingly connected world jeopardizes innovation. So how do you achieve that success? Join us at InfoSec World 2017.
Are you ready for the 7th annual HPE Software Government Summit? Read this blog for more information on the agenda, speakers, and more!
In this 8-part blog series, we give a high-level overview of the findings and lessons learned in the 2017 State of Security Operations Report. This is part 4, wherein we discuss attempts to transfer risk with managed services.
Are you ready to learn about Government transformation through secure innovation? Then join us at the HPE Software Government Summit on March 22nd, in Washington, D.C. Here are the top 10 reasons you should go...
The 2017 Gartner Magic Quadrant for AST was just released. As the first AST vendor to provide capabilities in SAST, DAST, IAST and RASP, Fortify continues to lead through innovation, taking a leadership position for the 7th year in a row!
Save the date! Protect is coming to Washington, D.C. September 11-13th, 2017!
HPE Security is thrilled to announce that ArcSight is the winner of “Best SIEM Solution” by SCMagazine in their 2017 SC Awards. Winners were announced on February 14th, 2017 at RSA Conference in San Francisco, CA.
HPE debuts ArcSight Investigate, the industry’s fastest threat investigation solution, at RSA Conference 2017!