Risk
12/5/2012
04:24 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Critical Watch Announces Interoperability With HP Enterprise Security Products As Participants In HP's Partner Program

Collaboration will enhance interoperability between Critical Watch ACI Recommendation Engine and HP Fortify

DALLAS, Texas – December 04, 2012 – Critical Watch, the innovator of Active Countermeasure Intelligence (ACI), today announced its participation in the HP® Enterprise Security partner program, supporting interoperability with HP technologies to create a more secure business environment for today's enterprise. This collaboration will enhance interoperability between the Critical Watch ACI Recommendation Engine&trade and HP Fortify.

This intelligence is continuously being advanced by the Critical Watch&trade Basecamp Labs&trade research team, which builds custom expressions to add contextual data to incidents generated by risk detection technologies so these intelligent countermeasure recommendations can be made.

"Our interoperability with HP Fortify will greatly enhance the delivery of our ACI Platform," said Audian Paxson, director of product management at Critical Watch. "This reflects our commitment to working with today's industry leaders in improving enterprise security."

A recent report by the 451 Group highlights the capabilities of the ACI Platform&trade that will support offerings from HP and benefit mutual customers: "A vulnerability may exist in the Web layer, but the most appropriate countermeasures may exist within the network layer or in the data layer. Knowing how disparate different support teams can be within some organizations, this adds a degree of cohesiveness to overall operations that has generally been lacking. This intelligence can lead to better risk decisions, and as a result the value lies in an increased ability to orchestrate the security process from detection through to mitigation."

Finding and understanding system vulnerabilities is just the first step in countering threats, as customers need critical information about which vulnerabilities should be fixed," said Michael Callahan, vice president, product solutions marketing, HP Enterprise Security Products. "The interoperability with Critical Watch allows us to provide the security intelligence necessary to make the right risk decisions about today's threats."

About ACI Platform&trade

The ACI Platform&trade is the first technology that combines risk data from a variety of sources throughout the data stack and recommends and initiates security countermeasures to mitigate those risks. It complements existing security intelligence gathering solutions to provide a complete picture of risk-correlated countermeasures.

About Critical Watch&trade

Critical Watch is the innovator of ACI Platform&trade – a next generation information security technology that combines comprehensive risk intelligence with active mitigation. Critical Watch clients are Global 2000 enterprises across verticals such as healthcare, financial services, state and local government, ecommerce, and manufacturing.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2227
Published: 2014-07-25
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

CVE-2014-5027
Published: 2014-07-25
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

CVE-2014-5100
Published: 2014-07-25
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_...

CVE-2014-5101
Published: 2014-07-25
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authn...

CVE-2014-5102
Published: 2014-07-25
SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.