HP showcases security software that look to detect infected and compromised computers

HP showcases security software that look to detect infected and compromised computers

"Run-time Application Self-Defense" seen as possibly replacing web application firewall security.

At its HP Protect Conference in Washington, D.C. this week, HP is taking the wraps off new security products that aim to detect infected and compromised machines as well as server-based software that makes use of so-called "run-time" self-protection to keep from getting infected in the first place.

HP Enterprise Security Products announced HP Application Defender, software that when loaded as an agent onto Web or application servers, can detect and block attempts to exploit code vulnerabilities through the use of a technology known as "runtime application self-protection" (RASP). The Gartner consultancy says RASP products constitute a new security approach evident for only the past two years in which security software basically works as an instrumentation of runtime in servers or clients to protect against attacks such as SQL injection, cross-site scripting and unauthorized access.

"RASP could replace web application firewall security and this could be your primary source of defense for your web servers," says Frank Mong, vice president of solutions at HP Enterprise Security products.

Web application firewalls are often used in front of servers to protect them from a variety of attacks, but RASP software is loaded directly into .Net or Java applications as a runtime agent that can detect attacks in real-time on what might be unpatched vulnerabilities and block them.

Frank Mong, vice president of solutions at HP Enterprise Security Products

Gartner says other vendors besides HP in the nascent RASP market include Prevoty, Shape Security, Waratek, Bluebox and Lacoon Mobile Security. HP didn't detail exactly when HP Application Defender would be available but HP is showing it off at the HP Protect Conference this week, attended by several thousand HP security customers.

A second new approach to security that HP will be presenting for the first time is what HP calls Advanced Threat Appliance DNS. It's basically a "DNS sniffer," says Mong in that the appliance can detect what user machine has become infected by determining that the browser has been inappropriately re-directed by malicious code, a common occurrence. Mong says HP developed the DNS-based threat-detection appliance in-house for its own use to protect many thousands of HP employees and their devices. The appliance is providing real-time insight into "patient zero, the first one infected" for HP and quick remediation can be taken, says Mong. The threat-detection appliance is not yet commercialized but HP anticipates that will occur in about the next month.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags HPHewlett-Packard



Join key decision-makers within Environmental, Social, and Governance (ESG) that have the power to affect real change and drive sustainable practices. SustainTech will bridge the gap between ambition and tangible action, promoting strategies that attendees can use in their day-to-day operations within their business.

EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.


ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments