HP Overhauling Security Units, Denies ArcSight Sale, Spin-Off


Hewlett-Packard, beleaguered by internal strife and a series of financial setbacks in recent months, is revamping its security units, stripping its popular Zero-day Initiative bug bounty program from TippingPoint to create a new research arm.

Former and current employees told CRN that the company was considering a number of options over the last year, including a possible spin-off or sale of its ArcSight security business. But Art Gilliland, a former Symantec executive who took the senior vice president and general manager of Enterprise Security Products position at HP last July, said in an interview that ArcSight is currently not up for sale or spin-off, nor had it been over the last year. He called the company's ArcSight security business a core part of the company's future.

"I can't speak for the board of directors; I can only speak to the data that I know and the data that I know in my group is that there is no intention to do that," said Gilliland in an interview with CRN. "It's not something that I'm recommending; it's absolutely one of the futures of the business. Everything we've said publicly is security is important to the future of the HP turnaround, and that's been my understanding so far and we're operating the business that way."

 

[Related: HP CEO Whitman: Dell Leveraged Buyout Spells Opportunity For HP]

Gilliland pointed to a recent restructuring of personnel as a key part of the security unit overhaul. The ZDI program is being split off from TippingPoint, which became part of the HP security software business in 2005 as part of its $2.7 billion 3Com deal. Under the restructuring, it is being centralized into a threat intelligence group headed by Jacob West, CTO of HP Fortify. The move brings together what had been pockets of security research in the separate product areas. West now leads a combined research team with increased funding, Gilliland said.

"In my opinion that was an unleveraged way to drive what I think is a really critical point of the future success of security in general, which is security intelligence," Gilliland said. "We brought it together because I think you'll get more leverage. You can hire a different caliber of researcher if they know they're going into a research org with a career path and with investments and objectives around driving better, more effective research."

The ZDI vulnerability bounty program, which pays researchers up to $5,000 for serious flaws, was maintained by TippingPoint DVLabs since 2005. Under the new plan, the ZDI will be the core of a new threat intelligence unit. The ZDI program took in a record 300 vulnerabilities in 2010 and the submissions increased to more than 350 last year. The number fell in 2012 to 203 published advisories due, in part, to the loss of its staff. Brandon Edwards, Aaron Portnoy and several other security researchers who staffed the ZDI left the company to found Exodus Intelligence, which buys zero-day vulnerabilities and is run in a similar fashion as ZDI.

NEXT: TippingPoint In Market Tough To Stand Out