Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Spectre and Meltdown

by Carole Fennelly
November 7, 2022

Spectre and Meltdown screenshot

A compromised processor is one of the most serious attack vectors on any platform. The hardware bugs known as Spectre and Meltdown affect modern processors by accessing information found in the system's memory. The Spectre and Meltdown dashboard provides insight into which systems are affected by these hardware bugs.

The Spectre and Meltdown bugs use side channels to obtain information from the accessed memory location. Spectre allows an application to force another application to access arbitrary portions of its memory, which can then be read through a side channel. This unique side channel attack uses speculative execution, a technique used by high-speed processors, to increase performance by guessing likely future execution paths and preemptively executing the instructions in them. Spectre leverages this execution and affects all modern processors capable of keeping instructions in flight.

Tenable.io enables organizations to manage risk exposure by providing information on all outstanding patches for each operating system, and assigning a criticality to each vulnerability found. This information enables infrastructure and security teams to target systems that have a higher probability of being compromised.

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.io discovers and analyzes assets continuously to provide an accurate and unified view of an organization’s security posture. The requirements for this dashboard are: Tenable.io Vulnerability Management (Nessus).

Widgets

Spectre & Meltdown - Missing Patches: This widget provides a summary of the top vulnerabilities related to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. The chart provides an overview for each CVE that has been issued related to Spectre & Meltdown and filters on patches that are available for those CVEs. This information enables analysts to remediate the vulnerabilities on affected systems and significantly reduce their exposure. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Spectre & Meltdown - Missing Patches by Plugin Family: This widget provides indicators by plugin family of missing patches related to CVEs 2017-5715, 2017-5753, 2017-5754 for Spectre and Meltdown. The results are grouped by Plugin Family and severity and sorted with the Plugin Family containing the most vulnerabilities at the top. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Vulnerabilities with Patches Published Over 1 Year Ago: This widget provides a quick snapshot of the older vulnerabilities detected in the organization. The vulnerabilities in the chart have patches that were published over one year ago. Analysts can use this chart for a quick overview to help plan vulnerability remediation or risk mitigation efforts. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Cyber Essentials Scheme - Vulnerabilities by Patch Published Date: This widget provides counts of vulnerabilities with patches that have been published in the specified date ranges. The date ranges are less than 7 days ago, less than 30 days ago, less than 90 days ago and more than 90 days ago. The columns in the matrix group the vulnerabilities by severity, ranging from low to critical. The low severity vulnerabilities are displayed on a green background, the medium severities on yellow, the high severities on orange and the critical severities on red. The bottom row of the matrix displays the counts of exploitable vulnerabilities with patches published more than 90 days ago. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Category

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training