New HP Security Services Automate Threat Prevention

HP will introduce two new security services at the RSA Conference in San Francisco next week. The forthcoming services will automate the installation of patches as well as prevent network overloads from worm attacks.

Hewlett-Packard Co. plans to unveil two new security services next week at the RSA Conference in San Francisco, both of which are designed to help customers resist potential and ongoing attacks.

The announcements will be a part of Hewlett-Packard's big showing at the conference, which also includes a speech by Chief Privacy Officer Barbara Lawler, and another by Distinguished Technologist Joe Pato.

HP's new Active Countermeasures service will be a two-tiered vulnerability assessment that pulls in data on new threats from the CERT Coordination Center, ISA and other sources. The system will rank the threats according to their probability of exploitation and risk, then perform scheduled scans of the customer network, searching for machines that are vulnerable to any of the high-risk threats. It then can deploy automatic mitigation measures based on customer policies.

A unique characteristic of the service is that it uses the vulnerability on the machine in order to patch it. HP will write its own exploits for new flaws and then use the code to access each machine and install the patch. The code will not self-propagate, however, and will die after installing the patch on a machine. This will allows HP to avoid having to install an agent on every machine.

HP's other new offering is called the Virus Throttler, and is designed to limit the damage done by viruses and worms after they hit a network.

To read the full story, click here.