Risk
12/5/2012
04:24 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Critical Watch Announces Interoperability With HP Enterprise Security Products As Participants In HP's Partner Program

Collaboration will enhance interoperability between Critical Watch ACI Recommendation Engine and HP Fortify

DALLAS, Texas – December 04, 2012 – Critical Watch, the innovator of Active Countermeasure Intelligence (ACI), today announced its participation in the HP® Enterprise Security partner program, supporting interoperability with HP technologies to create a more secure business environment for today's enterprise. This collaboration will enhance interoperability between the Critical Watch ACI Recommendation Engine&trade and HP Fortify.

This intelligence is continuously being advanced by the Critical Watch&trade Basecamp Labs&trade research team, which builds custom expressions to add contextual data to incidents generated by risk detection technologies so these intelligent countermeasure recommendations can be made.

"Our interoperability with HP Fortify will greatly enhance the delivery of our ACI Platform," said Audian Paxson, director of product management at Critical Watch. "This reflects our commitment to working with today's industry leaders in improving enterprise security."

A recent report by the 451 Group highlights the capabilities of the ACI Platform&trade that will support offerings from HP and benefit mutual customers: "A vulnerability may exist in the Web layer, but the most appropriate countermeasures may exist within the network layer or in the data layer. Knowing how disparate different support teams can be within some organizations, this adds a degree of cohesiveness to overall operations that has generally been lacking. This intelligence can lead to better risk decisions, and as a result the value lies in an increased ability to orchestrate the security process from detection through to mitigation."

Finding and understanding system vulnerabilities is just the first step in countering threats, as customers need critical information about which vulnerabilities should be fixed," said Michael Callahan, vice president, product solutions marketing, HP Enterprise Security Products. "The interoperability with Critical Watch allows us to provide the security intelligence necessary to make the right risk decisions about today's threats."

About ACI Platform&trade

The ACI Platform&trade is the first technology that combines risk data from a variety of sources throughout the data stack and recommends and initiates security countermeasures to mitigate those risks. It complements existing security intelligence gathering solutions to provide a complete picture of risk-correlated countermeasures.

About Critical Watch&trade

Critical Watch is the innovator of ACI Platform&trade – a next generation information security technology that combines comprehensive risk intelligence with active mitigation. Critical Watch clients are Global 2000 enterprises across verticals such as healthcare, financial services, state and local government, ecommerce, and manufacturing.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2963
Published: 2014-07-10
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter.

CVE-2014-3310
Published: 2014-07-10
The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

CVE-2014-3311
Published: 2014-07-10
Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

CVE-2014-3315
Published: 2014-07-10
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.

CVE-2014-3316
Published: 2014-07-10
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.