News Advisory: September 02, 2015

HP Fortify Revolutionizes Application Security with Machine Learning

New security analytics solution enhances protection at the application layer; reinvents traditional approach to application security

NATIONAL HARBOR, MD, Sept. 2, 2015 — Today at HP Protect, the company’s annual enterprise security user conference, HP introduced a first-of-its kind machine-learning technology that harnesses the power of an organization’s application security data. Leveraging big data analytics to prioritize critical threats, HP Fortify scan analytics automates the processing of application scan results to allow customers to focus on higher priority risks.

Cyber criminals today are organized, specialized and motivated to find and exploit vulnerabilities in enterprise applications in order to steal data, intellectual property and employee or customer information. More than 80 percent of successful breaches target vulnerabilities in the application layer1, indicating the need for enterprise IT departments to be vigilant in terms of application security, and to implement programs that reduce security risk driven by software within the organization.

“Like most aspects of security today, securing enterprise applications has been challenged with the sheer volume of vulnerabilities and threats that need to be addressed, leaving organizations guessing about where to start,” said Jason Schmitt (@raidschmitt), vice president and general manager, HP Security Fortify. “The HP Fortify scan analytics technology is revolutionizing traditional approaches to application security by applying machine learning to automatically prioritize the issues that matter and strip away the noise, dramatically improving results and effort required to protect sensitive applications.”

Analyzing big data across thousands of expertly audited security tests to make the application security audit process more automated and efficient, the HP Fortify scan analytics technology increases the relevancy of findings based on the unique context of an application. Bootstrapped by processing historical data of HP Fortify Static Code Analyzer scans, it continuously incorporates on-going application scan results, learning which vulnerabilities are most important based on an organization’s preferences and policies. HP Fortify scan analytics automatically highlights the vulnerabilities that are relevant for an auditor to address, turning a large volume of security information into a small set of high confidence, actionable results. This reduces the number of issues that require an auditor’s review, increasing results accuracy and saving both time and resources while lowering overall risk exposure. 

Integrating seamlessly into existing work flows with minimal disruptions to an organization’s existing applications security program, HP Fortify scan analytics allows customers to leverage the full portfolio.  Together with HP Software Security Research expertise, HP Fortify scan analytics works at every stage of the application security program to help customers efficiently evaluate, validate and triage security findings.

Pricing and Availability
HP Fortify scan analytics is currently available as part of HP Fortify on Demand. Additional information about HP Fortify can be found at http://www.hp.com/go/fortify.

HP’s annual enterprise security user conference, HP Protect, is taking place this week from Sept. 1-4 in National Harbor, Maryland. Follow HP Security on Twitter @HPsecurity, and keep up with event happenings by following the event hashtag, #HPProtect

About HP Security
HP enables organizations to take a proactive approach to IT security, disrupting the life cycle of an attack through prevention and real-time threat detection. With market-leading products, services and innovative research, HP Security brings a global network of security operations centers and more than 5,000 IT security experts to help customers strengthen their security posture to minimize risk and incident impact.

Join HP Software on Linkedin and follow @HPSoftware on Twitter. To learn more about HP Enterprise Security products and services on Twitter, please follow @HPSecurity and join HP Enterprise Security on Linkedin.

HP Enterprise Security Products, Research

© 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance, market share or competitive performance relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include the need to address the many challenges facing HP’s businesses; the competitive pressures faced by HP’s businesses; risks associated with executing HP’s strategy and plans for future operations; the impact of macroeconomic and geopolitical trends and events; the need to manage third-party suppliers and the distribution of HP’s products and services effectively; the protection of HP’s intellectual property assets, including intellectual property licensed from third parties; risks associated with HP’s international operations; the development and transition of new products and services and the enhancement of existing products and services to meet customer needs and respond to emerging technological trends; the execution and performance of contracts by HP and its suppliers, customers, clients and partners; the hiring and retention of key employees; integration and other risks associated with business combination and investment transactions; the execution, timing and results of restructuring plans, including estimates and assumptions related to the cost and the anticipated benefits of implementing those plans; the resolution of pending investigations, claims and disputes; and other risks that are described in HP’s Annual Report on Form 10-K for the fiscal year ended October 31, 2013, and that are otherwise described or updated from time to time in HP’s Securities and Exchange Commission reports. HP assumes no obligation and does not intend to update these forward-looking statements.

Media contacts

About HP

HP Inc. creates technology that makes life better for everyone, everywhere. Through our portfolio of printers, PCs, mobile devices, solutions, and services, we engineer experiences that amaze. More information about HP Inc. is available at http://www.hp.com.