Risk
12/5/2012
04:24 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Critical Watch Announces Interoperability With HP Enterprise Security Products As Participants In HP's Partner Program

Collaboration will enhance interoperability between Critical Watch ACI Recommendation Engine and HP Fortify

DALLAS, Texas – December 04, 2012 – Critical Watch, the innovator of Active Countermeasure Intelligence (ACI), today announced its participation in the HP® Enterprise Security partner program, supporting interoperability with HP technologies to create a more secure business environment for today's enterprise. This collaboration will enhance interoperability between the Critical Watch ACI Recommendation Engine&trade and HP Fortify.

This intelligence is continuously being advanced by the Critical Watch&trade Basecamp Labs&trade research team, which builds custom expressions to add contextual data to incidents generated by risk detection technologies so these intelligent countermeasure recommendations can be made.

"Our interoperability with HP Fortify will greatly enhance the delivery of our ACI Platform," said Audian Paxson, director of product management at Critical Watch. "This reflects our commitment to working with today's industry leaders in improving enterprise security."

A recent report by the 451 Group highlights the capabilities of the ACI Platform&trade that will support offerings from HP and benefit mutual customers: "A vulnerability may exist in the Web layer, but the most appropriate countermeasures may exist within the network layer or in the data layer. Knowing how disparate different support teams can be within some organizations, this adds a degree of cohesiveness to overall operations that has generally been lacking. This intelligence can lead to better risk decisions, and as a result the value lies in an increased ability to orchestrate the security process from detection through to mitigation."

Finding and understanding system vulnerabilities is just the first step in countering threats, as customers need critical information about which vulnerabilities should be fixed," said Michael Callahan, vice president, product solutions marketing, HP Enterprise Security Products. "The interoperability with Critical Watch allows us to provide the security intelligence necessary to make the right risk decisions about today's threats."

About ACI Platform&trade

The ACI Platform&trade is the first technology that combines risk data from a variety of sources throughout the data stack and recommends and initiates security countermeasures to mitigate those risks. It complements existing security intelligence gathering solutions to provide a complete picture of risk-correlated countermeasures.

About Critical Watch&trade

Critical Watch is the innovator of ACI Platform&trade – a next generation information security technology that combines comprehensive risk intelligence with active mitigation. Critical Watch clients are Global 2000 enterprises across verticals such as healthcare, financial services, state and local government, ecommerce, and manufacturing.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

CVE-2014-2392
Published: 2014-04-24
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer log...

CVE-2014-2393
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive filename that is not properly handled during use of the composer to add an e-mail attachment.

CVE-2011-5279
Published: 2014-04-23
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.

CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

Best of the Web