RSA: HP To Debut Security Intelligence and Response Framework


It's been a busy year of acquisitions in the enterprise security arena for HP, and now, the company is beginning to sketch out what it plans to do with all that technology. In fact, the company is set to announce more details of its "Instant On-Enterprise" this week at the RSA Conference 2011 in San Francisco.

Bill Veghte, executive vice president of HP's (NYSE: HPQ) Software and Solutions group and until last May, a senior executive at Microsoft (NASDAQ: MSFT), plans to describe a framework that takes advantage of products and services from recent acquisitions.

This week at the RSA Conference, Veghte will announce what the company calls the HP Security Intelligence and Response (SIR) framework – designed to "secure assets, defend resources and manage risk throughout the various layers of IT," according to a statement from the company.

HP executives first began detailing the Instant On-Enterprise in early November.

"We're taking a more holistic approach to enterprise security," Veghte told this week, and that includes cloud computing environments. "At HP we are aggressively pursuing this opportunity in a cloud context," he added.

At the heart of the SIR framework are tools and services to support various levels of security, including products from three companies that HP bought in the past year – Tipping Point, Fortify, and ArcSight.

The buying spree began in April, when HP announced it had completed its purchase of 3Com, including the TippingPoint security group.

In August, HP announced it was acquiring Fortify, which specializes in static analysis tools meant to let developers examine code for bugs and security holes.

"Fortify helps customers validate the security of applications and services," Veghte added.

Finally, in September, HP bought ArcSight, a leading maker of log and security-event management software.

"You need to see what's going on across the enterprise," he said. "The SIR framework [helps] enterprises to visualize, prioritize, and respond to threats."

Also at RSA, HP plans to announce updates to the HP TippingPoint Reputation Digital Vaccine (RepDV) service. That service is designed to shield enterprises from malicious activity on corporate networks, a company statement said.

The RepDV service sends up-to-date lists of suspicious websites to TippingPoint solutions and blocks traffic with those sites.

Additionally, HP is also announcing that it is integrating Fortify on Demand and HP's WebInspect tool.

Stuart J. Johnston is a contributing writer at, the news service of, the network for technology professionals. Follow him on Twitter @stuartj1000.

Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.