Security and Trust Office

Security and Trust Office

Security and Trust Office -why

Security and Trust Office

Our mission is to assure the secure development and delivery of Hewlett Packard Enterprise software products, increase trust among our customers and address & resolve security incidents.

Multi-stage Secure Development & Deployment

HPE Security & Trust Office has established industry leading Software Secure Design & Coding techniques and a comprehensive security lifecycle management framework to support secure end to end product development & delivery across all HPE software products.

We Are Certified to the Top Industry Security Standards

ISO 27001:2013 demonstrates implementation and maintenance for the highest security standards controls, assuring secure delivery of HPE software products.

ISO 27034-1 application security standard, demonstrates proactive integration of security as part of HPE software development lifecycle.

Security Lifecycle Management (SLM)

HPE Software has established a framework to enable the proactive integration of security into its products lifecycle. The integration of comprehensive security controls such as design review, threat modeling, security testing, and more into the product lifecycle makes sure the risks are identified and appropriate mitigation is provided prior to the product release.

Security and Trust Office -html 2

Enable Secure Product Delivery

(PDF 327 KB)

Read the White Paper

SLM Components

Education

Our product security lifecycle is built from the ground up and our team is equipped with a comprehensive set of tools to deal with today's complex threat landscape.

Requirements & Planning

Define the required product security level, prepare a product security plan and high level specifications.

Design

Perform a threat assessment and build product architecture & design with appropriate mitigation in place.

Implementation

Build secure product implementation and perform 1st level of security testing.

Verification

Verify product security posture via comprehensive and independent product security testing.

Release

Perform final security validations and approve product version for release.

Response

Maintain a secure product according to evolving attack trends and customer feedback.

Resources

White paper

Enable Secure Product Delivery

(PDF 327 KB)

Analyst report

ISO27001 Certified

(PDF 677 KB)

Data sheet

HPE Software is the first to achieve ISO/IEC 27034-1 security certification

(PDF 4 MB)

Web event

Are you ready for a software security breach

(47 minutes)

Article

HPE Software achieves international security certification