The integration of security and systems management has always seemed to be one of those fine ideas that never quite reach fruition. So it’s interesting to watch the pace at which Hewlett-Packard is moving to integrate the security technologies gained by acquiring ArcSight, Fortify and the TippingPoint unit of 3Com with the suite of systems management tools that HP has been developing for years.
Attendees at the recent RSA Conference 2011 show got a taste of things to come when the company previewed the progress that HP has made this far integrating its various security technologies. During the event, HP specifically showcased integration between Fortify and its HP Application Security Center.
But the center of the security and systems management integration conversation remains focused on what HP will ultimately accomplish with ArcSight. It’s still relatively early given the recent acquisition of ArcSight, but Rick Caccia, HP vice president of product marketing for ArcSight products says some profound changes are under way in terms of how IT organizations will be approaching security in the future.
By integrating security and systems management, Caccia says IT organizations will finally be able to ascribe real-world risk to various security threats. Today, IT organizations don’t have any real way to associate a specific security threat with the risks associated with the applications that may be running on the affected systems. In the future, IT organizations will not only be able to automate their responses, they will also know how critical the threats are, which in turn will inform how aggressively they need to respond.
It will take some time to achieve that goal because there are millions of logs that need to be analyzed in order to determine what the exact level of risk is. But as processing power becomes more affordable, the goal of analyzing systems management information to ascertain levels of risks associated with security threats is definitely in sight.
This, of course, is one of the great unfulfilled goals of security management and HP is certainly not the only vendor trying to marry analytics to security management. The good news is that it’s starting to look like it may finally happen sooner than later.