Continuous Diagnostics and Mitigation

Brochure

Continuous Diagnostics and Mitigation Think ahead with HP Enterprise Security Products

Brochure | Continuous Diagnostics and Mitigation

Think beyond compliance. Think ahead. Continuous Diagnostics and Mitigation (CDM) is a critical federal cybersecurity initiative from the Department of Homeland Security (DHS). CDM provides the capabilities and tools that transform the way federal agencies manage and strengthen their cyber networks through strategically sourced services and enterprise security tools. It can be complicated, with many requirements to meet the mandate. The DHS directive lists 15 different interdependent functional areas that agencies have to plan for. We’re here to help HP Enterprise Security Products (ESP) is a leading provider of enterprise security products designed to help agencies mitigate risk and protect against sophisticated cyber threats. HP ESP delivers the capabilities and information network security solutions you need for up-tothe-minute oversight of your agency’s networks, a clear understanding of the relative risks and threats, and ways to identify and mitigate flaws at near network speed. HP ESP offers a complete solution to maintain secure data environments and meet your agency’s mission. Our CDM approach helps you get compliant and get ahead, reducing implementation to four simple, integrated steps. We provide industry leading government grade technology products that help you modernize your infrastructure and improve its efficiency so you can meet your mission on time and on budget. Our easy to deploy and use enterprise security management products help you: • test your assets for vulnerabilities before they launch • identify evolving risks in assets already in use • find and resolve most network security threats across the network at machine speed • refine your infrastructure with constant, real time feedback • reduce the number of events you have to manually manage

2

Brochure | Continuous Diagnostics and Mitigation

CDM compliance made easy with four integrated steps How we help: HP Software Enterprise Security Products and IT Management portfolios offers a complete solution to maintain secure data environments and meet your agency’s mission.

Our best-in-class government grade fully-integrated security technology products give you active protection with automated compliance, meeting CDM requirements out of the box.

Our four-part approach to CDM helps you: Configuration management

Vulnerability management

• Reduce the number of events you have to manually manage

HP universal discovery • Hardware/software discovery

• Apply staff resources where they’re needed most

HP uCMDB • Hardware/software inventory • Configuration management

HP enterprise view • Business impact analysis • IT risk management • IT compliance management • Vulnerability management

HP operations orchestrator • Process automation/workflow runbooks

HP Fortify SCA • Source code vulnerability scanning

HP Omi • Business impact analysis • Operations event management

HP Webinspect Enterprise • Dynamic web application vulnerability scanning HP runtime protection • Real-time application defense HP TippingPoint IPS • Network security defense

• Find and resolve most threats at machine speed

• Gain strategic insights to refine policy and processes • Lower barriers to cross-team collaboration • Document compliance

HP client/server/network automation • Configuration management • Patch management • Vulnerability management Access management

Event management

HP enterprise view • Business impact analysis • IT risk management • IT compliance management

HP ArcSight ESM • Security intelligence & event management • Incident management & workflow

HP identity view • Use identity attribution • Role violations • Privileged user monitoring detection • Insider threat HP application view • Real-time application security event logging • Real-time application resource event logging

HP application view • Application intelligence & event management HP service manager • Incident management/helpdesk solutions HP ArcSight Logger • Log management HP TippingPoint IPS • Network defense

3

Brochure | Continuous Diagnostics and Mitigation

Contracts HP Enterprise Security Products can be purchased directly from the GSA schedule or through the delegated procurement authority, GSA Federal Systems Integration and Management Center (FEDSIM). For specific ordering options, please see GSA’s CDM/ CMaaS Ordering Guide, 2013, at gsa.gov/cdm.

Services HP ESP Global Services takes a holistic approach to building and operating cyber security and response solutions and capabilities supporting the cyber threat management and regulatory compliance needs of the world’s largest enterprises. We use a combination of operational expertise–yours and ours–and proven methodologies to deliver fast, effective results and demonstrate ROI. Our proven, use-case-driven solutions combine market-leading technology with sustainable business and technical processes executed by trained and skilled professionals. Learn more about HP ESP Global Services at hpenterprisesecurity.com

For more information To read more about HP Enterprise Security Products, go to hp.com/go/fedsecurity To read more about HP IT Management Products, go to hp.com/go/software

HP Enterprise Security Products Our portfolio of innovative enterprise security automation, sensors and cloud services helps agencies maintain secure data environments and answer mandates responsibly. Using these integrated tools, agencies and contractors can test assets for vulnerabilities before they launch, identify evolving risks, coordinate threat response at network speed, document compliance across multiple groups and roles, and foster collaborative approaches to future threats. With these enterprise security tools and our expertise, application security professionals and system integrators can maintain vital agency systems.

Sign up for updates hp.com/go/getupdated

Share with colleagues

Rate this document

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. 4AA5-4573ENW, September 2014