HP Announces New Security Research Organization at RSA
HP consolidates the effort of multiple security divisions into a single unit for quicker and more effective risk remediation.
In recent years HP has expanded its security portfolio by acquiring multiple security vendors. Now in an effort to provide greater clarity and improve its research efforts, HP is consolidating DVLabs, the Zero Day Intiative (ZDI) and HP Fortify Software Security Research into a single unit called HP Security Research (HPSR).
HPSR will provide threat intelligence feeds for multiple HP products, including the new HP Reputation Security Monitor (RepSM) 1.5 release.
Jacob West, CTO of Enterprise Security Products at HP, is tasked with leading the HPSR organization. West joined HP through the company's acquisition of Fortify in 2010.
"This is an opportunity to consolidate all of the existing assets," West told eSecurityPlanet. "It lets us drive a unified research agenda spanning all the areas of research that HP is interested in and it gives us a platform for increasing our investment in research."
The consolidation is not about reducing staff. There are no redundant resources today, West noted. In fact, the opposite is true.
West added that HP will continue to invest in the same areas it has to date, including vulnerability and malware research and analysis of different threat actors and groups. With HPSR, HP can operate its different areas of research in a more coordinated way. The idea is that HP will be able to take a vulnerability that is being exploited in the wild and leverage Fortify's analysis for root cause determination and improved remediation.
Cyber Security Risk Report
In coordination with the formation of the new HPSR organization, HP also released its 2012 Cyber Security Risk Report. According to the report, IT security disclosures grew to 8,137 items in 2012, a 19 percent year-over-year increase.
On a positive note, while disclosures are on the rise the number of critical vulnerabilities fell to 20 percent of all vulnerabilities, down from 23 percent in 2011.
While still only a small percentage of the total security landscape, the report found mobile vulnerabilities are on the rise. In 2012, HP had 266 mobile security advisories, 68 percent more than the 158 advisories in 2011.
Watch a brief video with West below:
January 09, 2013
HP's group issued over 200 security advisories in 2012, with more to come this year.