RSA: HP builds on cloud security and risk management platforms

HP has unveiled a set of security tools and services designed to give enterprises a better view of the security of their data.

HP will offer a set of management and analysis tools that can point out possible security holes and maintain compliance on cloud platforms.

Among the new products will be the EnterpriseView risk management system.

This platform will scan network infrastructure and systems for possible risks such as compliance violations and unpatched vulnerabilities, then provide administrators with a report to prioritise the top risks on the network.

"This gives you the ability to see business risk across your enterprise, taking into consideration what is going on in your security infrastructure as well as your operations infrastructure," said HP enterprise security vice president of product marketing and solutions, Michael Callahan.

"It looks at all this information and gives you a heat map of where you should focus your resources."

HP is also looking to expand its cloud security services. The company said that it would be reaching out to cloud service providers with a tool known as the Compliance stack.

The programme will allow service providers to work with HP on a reference architecture which can assure PCI compliance when migrating to their cloud platforms.

Callahan told V3 that the stack would alleviate the security and compliance fears that continue to plague companies who are considering a migration from local systems to public cloud services.

"As people take advantage of cloud infrastructure and move portions of [their estate that] may have been under PCI compliance, they want to know how they can remain compliant," Callahan explained.

"This takes the guesswork away so you know that if you build it this way, you will be meeting the requirement."

The third phase of HP's update will focus on mobile application security. The company is expanding its Fortify Mobile Security platform to cover iOS and Android devices.

The update will include the launch of AppSM, a server-side tool which allows developers and administrators to test applications for security vulnerabilities before the software is delivered to clients, employees and customers.