HP Wolf Security

Unique layers of protection, securing endpoints from the chip to the cloud
Full-stack Protection

Unlike alternatives that only protect above the operating system, HP takes a full-stack approach. HP Wolf Security1 builds security layer by layer, from motherboard hardware and firmware, through the OS, to application execution.

Endpoint
Isolation

Revolutionary endpoint micro-virtualization stops malware, phishing and ransomware, and protects privileged user remote access. It relies on Intel and AMD CPUs for hardware enforcement, so that malware can’t get around it.

Full-stack protection with HP devices
Hardware-based root of trust

Custom and standards-based motherboard silicon provides resilient, tamper-resistant platform for security services across the stack.


The World’s Most Secure PCs2


The World’s Most Secure Printers3


BIOS/ Firmware

Fundamental controls protect the firmware layer from the rise in targeted attacks below the OS: code integrity, configuration security, and vulnerability management.

Endpoint Isolation that protects your entire fleet
Micro-virtual Machines

Potentially risky tasks are run in micro-virtual machines, preventing attacks from infecting machines without impacting user productivity.

Application-level Isolation

Sensitive privileged-user applications are isolated from threats, even if the OS is compromised. Access to sensitive data and systems can be performed using general-purpose PCs, with decreased risk of attack propagation across security domains.

Security that delivers business results

HP Wolf Security1 answers the toughest challenges businesses face today, improving outcomes for risk management, operational efficiency, and productivity

Whether we’re serving large-scale enterprises with dedicated IT teams and complex security requirements or smaller companies with limited IT resources, HP Wolf Security delivers solutions that accelerate business results.

Protect a hybrid workforce

Select a use case to learn more

Threat Containment

Unlike conventional antivirus solutions, HP Wolf Security isolates and contains threats such as phishing and ransomware before they can infect endpoints. It’s a unique approach that takes advantage of hardware enforcement available on commercial Intel® and AMD CPUs to create a barrier hackers can’t work around.

Superb threat analytics and browser isolation leave workers free to work without fear of triggering an attack, while SOC teams enjoy better visibility and fewer tickets. HP and non-HP PCs supported.

HP Sure Click Enterprise
HP Wolf Pro Security
Patch Management

Patching is a primary security control, but keeping a multitude of endpoints up-to-date across an organization presents a serious IT challenge that can lead to gaps and create security vulnerabilities. Hardware-enforced threat isolation from HP Wolf Security provides protection for PCs between patching cycles, reducing risk and easing IT operations by eliminating frequent or emergency patching. HP and non-HP PCs supported.

Patch Management
Privileged Access

Privileged activity requires advanced security controls. HP Wolf Security isolates remote access applications such as RDP from malware compromise, vastly reducing the risk of keyboard, display, or memory data interception. Organizations are free to consolidate multiple PAWs to a single PC, with the peace of mind that comes with CPU hardware enforcement. HP and non-HP PCs supported.

HP Sure Access
Lost or Stolen PCs

A rapid rise in remote and hybrid work has made the prospect of lost and missing PCs more common and the security and operational impacts of it more profound. HP Protect & Trace2 allows administrators to locate, temporarily lock, and if necessary, wipe PCs remotely. Cloud-based, multi-person policy authorization keeps IT overhead low and reduces the risk of staff-related errors.

HP Protect & Trace

HP PC platform: streamline IT

Modern Management

Accelerate the transition to cloud-based Modern Management across the stack: Factory or partner services for Autopilot pre-enrolment; autonomous BIOS recovery, and customizable Windows recovery from secure local storage or the cloud. Eliminate on-premise management infrastructure and the need for physical access to endpoint PCs.

HP Sure Admin
HP Sure Recover
Incident & Disaster Recovery

Whether you’re dealing with a single corrupted PC or managing an entire fleet of compromised machines, the primary goal of Incident Recovery (IR) or Disaster Recovery (DR) is to return endpoints to a trusted, usable state. HP PCs can be re-imaged to a fully-customized configuration or “bare-bones” safe state in a matter of minutes, without an Internet connection or physical access. IR and DR efforts are aided by secured, resilient firmware that work together to help reduce operational overhead and equipment downtime.​

HP Sure Recover
Lifecycle Management

Efficient maintenance of fleet security throughout the life of each machine is essential to lowering operational costs and reducing risk. HP PCs streamline security across the endpoint lifecycle, from procurement, preparation, and deployment to day-to-day management and retirement.

HP Wolf Security offers factory pre-provisioning, Modern Management, simplified BIOS security, and Data Erase. All capabilities are supported by HP’s extensive partner community, or can be self-managed.

HP Sure Admin
HP Tamper Lock
HP Sure Start
HP Secure Erase
User Productivity

HP Wolf Security protects users from threats and keeps them up and running in a way that is nearly invisible to them. Users remain focused on work while IT enjoys greater availability, better operational efficiency, and faster recovery. It’s a risk management strategy that boosts productivity rather than hinders it.

HP Sure Start
HP Sure Admin
HP Sure Recover

HP PC platform: mitigate Risk

BIOS/Firmware Integrity

A secure computing environment depends on a secure foundation. HP PCs deliver true full-stack security at all levels of the platform, including the motherboard hardware, peripheral interfaces, BIOS and third-party firmware and configuration, and the operating system. A full-stack solution maintains PC platform integrity even in the face of today’s most sophisticated and evolving “below the OS” attacks.

HP Sure Start
HP Sure Admin
Physical Compromise

Remote work and travel expose fleet PCs to attacks of physical manipulation. In less than a minute, through physical access, hackers can target a machine’s peripheral ports or even attempt to remove its cover to cause damage or access sensitive data. HP Wolf Pro Security Edition6 PCs detect and prevent such attacks, providing an important additional level of protection for your laptops, data, and users.

HP Tamper Lock
HP Sure Admin
HP Sure Start
Supply Chain Compromise

Sophisticated threat actors subvert fleet supply chains to compromise PCs prior to delivery. HP premium business PCs come equipped with HP's Endpoint Security Controller on the motherboard, providing a hardware-based root of trust. Firmware, operating systems and applications are all executed securely on the platform with confidence.

HP Sure Admin
HP Sure Start
HP Tamper Lock
Supply Chain Security
Compliance & Audit

As the delivery point for sensitive data, end-user PCs are in-scope for compliance and internal audit. In addition, control objectives go beyond the OS level and apply across the stack. HP's full-stack approach to platform security supports implementing control activities for hardware, code, and configuration integrity below the OS. Centralized policy and SSO support make control validation and auditing simpler to perform.

PC Platform Security

Print Solutions and Services: Simplifying Security

Enterprise Business
Your enterprise can streamline print fleet security policy, ensure compliance, and protect your workflows with HP Solutions. From implementing security policies to safely leveraging the cloud, HP Wolf Enterprise Security Services can take the burden off IT.
Small Business
Enable your small business with self-managed printers. HP authorized partners are ready to help assess and mitigate threats with solutions and services that enable small teams to self-manage all their printers.

The building blocks of a better defense

Unique products deliver enhanced risk management

HP Wolf Security brings a host of advanced technologies to your endpoint cyber-defenses, supporting HP and non-HP (OEM) PCs, and HP printers.

Expert Perspectives

The Evolution of Cybercrime

How the Dark Web Supercharged the Cybercrime Economy

Read the report

Quarterly Threat Report

HP Wolf Security Threat Insights Report Q3 2022

This report reviews notable threats, malware trends and techniques identified by HP Wolf Security’s customer telemetry in calendar Q3 2022. Highlights include...

Read the report
More HP Wolf perspectives

Out of Sight & Out of Mind

The workplace has evolved, ushering in the age of hybrid working. Digital and workplace transformation have both been accelerated, and work has forever changed...

Read the report

Rebellions & Rejections

The global pandemic forced organizations to pivot rapidly from an office-based workforce model to one in which dynamic, hybrid working is the norm. This new way...

Read the report
Industry Insights

IDC, HP: Holistic Endpoint Security Requires Built-in Hardware-based Defenses

Analyst report where IDC talks about the need for hardware-based security and explains how HP helps fill that need.

Read the report

Quocirca


Quocirca's 2022 Print Security Landscape

Trends and opportunites for securing the hybrid workplace.

Read the report

Forrester Recommends Zero Trust Approach to Endpoint Security

Forrester study demonstrating the value of a Zero Trust approach to endpoint security in reducing attack surface and improving productivity.

Read the report

Tag Cyber: Design of Secure PC Endpoints, An Introduction to HP Wolf Security

An introduction to HP Wolf Security designed for a modern, Zero Trust endpoint computing environment.

Read the report
Case Studies

Dataport protects its users against cyberattacks with HP Sure Click

The city of Bonn builds a protective shield against unknown malware

DLG improves employee productivity and reduces IT administration

HP Wolf Security Products

A breakthrough in
integrated
endpoint security

Hardware and software work together to make
you more secure and more productive


HP Wolf Security1 takes a full-stack approach to securing the weakest links in your security
architecture—your endpoints and users. Our advanced threat containment strategy combines
unique, CPU-enforced isolation technology with security features embedded into
motherboard hardware to form a fortress of protection most threats can’t penetrate.

Unique Malware Prevention

Threat containment: an advanced approach to endpoint protection





Threat Containment technology uses isolation based on micro-virtual machines to protect users and defeat phishing and other attack vectors NGAV and EDR solutions may let through. Malware can’t make its way around isolation measures because they are enforced by CPU hardware.

  • Mitigates attacks from email attachments, web links, and USB drives
  • Supported by AMD and Intel CPUs
  • More than 18 billion clicks without a reported compromise

Endpoint Isolation Technology Brief
Threat Containment advantages across the organization
Endpoint
Protection

  • Prevents phishing and ransomware from corrupting PCs or moving laterally

  • Patch management compensating control

  • CPU acceleration maintains app performance

SOC
Efficiency

  • Fewer high-priority tickets and false positives

  • Less endpoint remediation

  • High fidelity visibility and threat intelligence

User
Experience

  • Work without worry; open email attachments with confidence

  • Reduce “spot the phishing” exercises

  • No proxy delays or changes to application behavior

Key components of Threat Containment
technology






Micro-virtual
Machines

  • Per-task isolation of potentially risky activity
  • Hardware-enforced attack surface reduction
  • Secure web browser





Isolated Introspection

  • Safe Space” malware execution sandbox
  • Realistic environment provides superior forensics of malware behavior
  • Identifies previously unseen attack techniques and combinations





Analytics and
Reporting

  • Centralized cloud or on-premises policy and event management
  • Detailed per-event threat intel reports, including MITRE ATT&CK mapping
  • Integrations via STIX/TAXII
Threat containment products for any
environment

HP Sure Click
Enterprise





Maximum flexibility to satisfy the most demanding requirements

  • Threat Containment, credential protection, and secure browser
  • Enterprise-class policies, RBAC, and integrations
  • On-premises or cloud-based management

View the datasheet


HP Wolf Pro
Security





Simplified policy management for smaller organizations or less complex systems

  • Threat Containment, credential protection, and optional NGAV
  • Simplified policy constructs designed for security non-experts
  • Cloud-based management

View the datasheet
Compare capabilities

HP Wolf Security Platform

HP Wolf Pro Security


Enhanced protection that’s easy to
reply and use.

HP Sure Click Enterprise


Robust, custom security for complex
organizations.

Hardware-Enforced Threat Containment

  Advanced

  Advanced

Browser Isolation

  Standard

  Advanced

Credential Protection

  Standard

  Advanced

Threat Containment Policy Configuration

  Basic

  Advanced

Wolf Controller Management

  Cloud

  Cloud or On-Premises

Next-Gen Anti-Virus

  Optional

  Customer Choice

Read the Datasheet

Read the Solution Brief
Read the Datasheet

Read the Solution Brief


HP Sure Access Enterprise

Improved protection and user experience for Privileged Access Workstations





Cyber criminals target privileged users with spear-phishing and other behavior-based attacks to try and access sensitive data. HP Sure Access Enterprise2 uses endpoint isolation technology to defeat such attacks, protecting your privileged data and securing remote access sessions—even if a PC is compromised–with CPU-enforced micro-virtualization. Your data stays safe and your systems remain available.

  • IT System Administration
  • Database & Applicated Elevated Privileged Access
  • OT and IoT Administration

Download the datasheet

Read the Solution Brief
A simpler, more secure privileged user
experience
Reduces
Risk

  • Isolates sensitive data from compromises with hardware-enforced micro-virtualization

  • Drastically reduces the attack surface area for privileged access

  • Safeguards against keylogging, screen capture, memory tampering, and man-in-the-middle attacks

Improves User
Experience

  • Enables a single workstation for privileged, non-privileged, and personal activity

  • Allows IT teams to work without concern that they will facilitate a spear-phishing attack

  • Maintains consistent user experience across applications

Streamlines IT

  • Lowers costs and IT overhead by consolidating privileged workstations per user

  • Eliminates additional PAW endpoint controls

  • Complements and integrates with popular PAM solutions

Key capabilities of HP Sure Access Enterprise






Session Isolation

  • Per-session isolated virtual space for each remote access session
  • Supports policies locked to specific workstations
  • Supports most business-class Intel CPUs
  • Supports HP and non-HP PCs





Application Support

  • RDP
  • Citrix ICA
  • SSH
  • Web Portal (HTML5)





Management

  • Centralized policy control and logging
  • Full audit trail of privileged access to support primary or compensating control
  • Tamper-proof logging

HP Wolf Protect and Trace

Mitigate risk from lost or stolen PCs in remote and hybrid workplaces





HP Wolf Protect and Trace3 dramatically reduces the risk of data falling into the wrong hands when a PC is lost or stolen. A missing laptop can be located, temporarily locked, or erased remotely, relieving IT and security teams of a major source of time and concern. With value pricing and cloud-based management, HP Wolf Protect and Trace is ideal for small to mid-sized organizations with limited IT resources.

  • Quickly locate missing PCs
  • Lock and secure data on missing PCs
  • Wipe data on unrecoverable PCs

Download the datasheet

Read the Solution Brief
A more secure and productive remote
workplace
Reduces
Risk

  • Lock or wipe missing PCs remotely to prevent data theft

  • Create more time for effective incident response

  • Reduce or eliminate breach notification requirements with a compensating control

Improves User
Experience

  • Find missing laptops quickly

  • Alleviate frustration of lengthy IT support tickets or PC replacement processes

  • Support remote work and business travel with elite security

Streamlines IT

  • Eliminate time-consuming tickets related to missing PCs or device replacement

  • Enjoy simple, cloud-based management for internal or outsourced/MSSP operations

  • Save even more with the Active Care bundle option

Key capabilities of HP Wolf Protect and Trace






Quickly locate PCs

  • Geo-location instantly identifies a PCs current whereabouts
  • Broad international coverage
  • Hardware-enforced PC agent persistence





Temporarily lock PCs

  • Remotely disable PC login and data access
  • Protect data while a PC is in the process of being located and recovered
  • Eliminate the risk and uncertainty of possible data theft





Wipe PC data

  • Remotely erase all data on PCs that have been deemed unrecoverable
  • Threshold Cryptographic Authorization requires multiple IT approvals to lock or erase PCs
TALK TO A SECURITY EXPERT TODAY.

The information contained herein is subject to change without notice.

1. HP Wolf Security for Business requires Windows 10 or 11 Pro and higher, includes various HP security features and is available on HP Pro, Elite, RPOS and Workstation products. See product details for included security features.

2. Based on HP’s unique and comprehensive security capabilities at no additional cost among vendors on HP Elite PCs with Windows and 8th Gen and higher Intel® processors or AMD Ryzen™ 4000 processors and higher; HP ProDesk 600 G6 with Intel® 10th Gen and higher processors; and HP ProBook 600 with AMD Ryzen™ 4000 or Intel® 11th Gen processors and higher.

3. HP’s most advanced embedded security features are available on HP Managed and Enterprise devices with HP FutureSmart firmware 4.5 or above. Claim based on HP review of 2022 published features of competitive in-class printers. Only HP offers a combination of security features to automatically detect, stop, and recover from attacks with a self-healing reboot, in alignment with NIST SP 800-193 guidelines for device cyber resiliency. For a list of compatible products, visit hp.com/go/PrintersThatProtect . For more information, visit hp.com/go/PrinterSecurityClaims.

4. HP Wolf Security for Business requires Windows 10 or 11 Pro and higher, includes various HP security features and is available on HP Pro, Elite, RPOS and Workstation products. See product details for included security features.

5. HP Wolf Protect and Trace is available on select HP 600, 800, 1000, Windows based Elite Dragonfly Laptops, select 800 desktops, and Z1 G8 Workstations and will function when the device is powered on and connected to the Internet. HP Wolf Protect & Trace requires HP TechPulse to be installed by customer manually via a one-click download at hp.com/active-care or by providing consent at the time of your hardware’s first boot, which enables HP to install HP TechPulse to collect information related to the Device. HP TechPulse is a telemetry and analytics platform that provides critical data around devices and applications and is not sold as a standalone service. HP TechPulse follows stringent GDPR privacy regulations and is ISO27001, ISO27701, ISO27017 and SOC2 Type2 certified for Information Security. Internet access with connection to TechPulse portal is required. For full system requirements, please visit http://www.hpdaas.com/requirements

6. HP Secure Print works with most network-connected printers and MFPs. On-device authentication requires HP FutureSmart firmware 4.8 or newer. Supported card readers include X3D03A (HP USB Universal Card Reader) and Y7C05A (HP HIP2 Keystroke Reader). Internet connection required for some functionality. For more information, see hp.com/go/secureprint.

7. HP Advance works with most network-connected printers and MFPs. On-device authentication requires HP FutureSmart firmware 4.8 or newer. Supported card readers include X3D03A (HP USB Universal Card Reader) and Y7C05A (HP HIP2 Keystroke Reader). Internet connection required for some functionality. For more information, see hp.com/go/advance.

8. HP Wolf Pro Security Edition (including HP Sure Click Pro and HP Sure Sense Pro) is available preloaded on select SKUs and, depending on the HP product purchased, includes a paid  1-year or 3-year license. The HP Wolf Pro Security Edition software is licensed under the license terms of the HP Wolf Security Software - End-User license Agreement (EULA) that can be found at:https://support.hp.com/us-en/document/ish_3875769-3873014-16 as that EULA is modified by the following: “7. Term. Unless otherwise terminated earlier pursuant to the terms contained in this EULA, the license for the HP Wolf Pro Security Edition (HP Sure Sense Pro and HP Sure Click Pro) is effective upon activation and will continue for either a twelve (12) month or thirty-six (36) month license term (“Initial Term”). At the end of the Initial Term you may either (a) purchase a renewal license for the HP Wolf Pro Security Edition from HP.com, HP Sales or an HP Channel Partner, or (b) continue using the standard versions of HP Sure Click and HP Sure Sense at no additional cost with no future software updates or HP Support.

© Copyright HP Development Company, L.P.