Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Spectre and Meltdown

by Carole Fennelly
November 7, 2022

Spectre and Meltdown screenshot

A compromised processor is one of the most serious attack vectors on any platform. The hardware bugs known as Spectre and Meltdown affect modern processors by accessing information found in the system's memory. The Spectre and Meltdown dashboard provides insight into which systems are affected by these hardware bugs.

The Spectre and Meltdown bugs use side channels to obtain information from the accessed memory location. Spectre allows an application to force another application to access arbitrary portions of its memory, which can then be read through a side channel. This unique side channel attack uses speculative execution, a technique used by high-speed processors, to increase performance by guessing likely future execution paths and preemptively executing the instructions in them. Spectre leverages this execution and affects all modern processors capable of keeping instructions in flight.

Tenable.io enables organizations to manage risk exposure by providing information on all outstanding patches for each operating system, and assigning a criticality to each vulnerability found. This information enables infrastructure and security teams to target systems that have a higher probability of being compromised.

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.io discovers and analyzes assets continuously to provide an accurate and unified view of an organization’s security posture. The requirements for this dashboard are: Tenable.io Vulnerability Management (Nessus).

Widgets

Spectre & Meltdown - Missing Patches: This widget provides a summary of the top vulnerabilities related to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. The chart provides an overview for each CVE that has been issued related to Spectre & Meltdown and filters on patches that are available for those CVEs. This information enables analysts to remediate the vulnerabilities on affected systems and significantly reduce their exposure. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Spectre & Meltdown - Missing Patches by Plugin Family: This widget provides indicators by plugin family of missing patches related to CVEs 2017-5715, 2017-5753, 2017-5754 for Spectre and Meltdown. The results are grouped by Plugin Family and severity and sorted with the Plugin Family containing the most vulnerabilities at the top. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Vulnerabilities with Patches Published Over 1 Year Ago: This widget provides a quick snapshot of the older vulnerabilities detected in the organization. The vulnerabilities in the chart have patches that were published over one year ago. Analysts can use this chart for a quick overview to help plan vulnerability remediation or risk mitigation efforts. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Cyber Essentials Scheme - Vulnerabilities by Patch Published Date: This widget provides counts of vulnerabilities with patches that have been published in the specified date ranges. The date ranges are less than 7 days ago, less than 30 days ago, less than 90 days ago and more than 90 days ago. The columns in the matrix group the vulnerabilities by severity, ranging from low to critical. The low severity vulnerabilities are displayed on a green background, the medium severities on yellow, the high severities on orange and the critical severities on red. The bottom row of the matrix displays the counts of exploitable vulnerabilities with patches published more than 90 days ago. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Category
tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web Application Scanning trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.cs Cloud Security.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable.io Vulnerability Management, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations and view runtime vulnerabilities. Sign up for your free trial now.

Your Tenable.cs Cloud Security trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.io Web Application Scanning.

Contact a Sales Rep to Buy Tenable.cs

Contact a Sales Representative to learn more about Tenable.cs Cloud Security and see how easy it is to onboard your cloud accounts and get visibility into both cloud misconfigurations and vulnerabilities within minutes.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Promotional pricing extended until February 28th.
Buy a multi-year license and save more.

Add Support and Training