Aiming to provide a closed-loop approach to IT security, Hewlett-Packard this week at the Black Hat 2015 conference unveiled an HP TippingPoint Threat Protection System designed to provide actionable intelligence that gets used to remediate vulnerabilities in real time.
Don Closser, vice president and general manager for TippingPoint within the HP Enterprise Security Products group, says this offering makes extensive use of “virtual patching” at the edge of the network to thwart attacks by disrupting the malware’s ability to infect a specific application.
Via a Digital Vaccine service provided by DVLabs, Closser says HP can either tap into a library of signatures that are associated with known threats or dynamically generate new signatures based on the anomalous behavior of a potential threat. Once that threat is identified, the system automatically generates the appropriate virtual patch.
In addition, Closser notes the system provides IT organizations with visibility into encrypted traffic, which is becoming a much larger percentage of the traffic being generated across the Internet.
The HP TippingPoint Threat Protection System can be deployed as a next-generation intrusion prevention system (IPS) or a next-generation firewall (NGFW). The platform comes in three flavors: the enterprise-class 440T Threat Protection System, the 2200T Threat Protection System for mid to large enterprises, and the V Series Virtual Threat Protection System delivered as a virtual appliance. As network and security services continue to converge, Closser says it has become easier for vendors to deliver closed-loop security products that not only identify threats but, more importantly, remediate the vulnerability.
Most IT organizations have a difficult time keeping up with all the patches they are supposed to deploy to keep applications secure. While virtual patching doesn’t eliminate the need to apply patches, it does buy IT organizations precious time against threats that are often specifically designed to exploit a particular vulnerability. As is often the case when it comes to security, time is, of course, rarely on the side of the IT organization.