Back to qualys.com
13 posts

Meltdown/Spectre and Qualys Cloud Platform

In light of the recently released information about two security vulnerabilities, Qualys has considered the impact on the Qualys Cloud Platform and associated services. Qualys released a detailed advisory for customers of the Qualys Cloud Platform to help customers identify these vulnerabilities and to assist customers in their internal security assessment.  

Below, please find information about how Qualys has performed its assessment and is taking steps to protect its environment and the Qualys Cloud Platform:

Continue reading …

Visualizing Spectre/Meltdown Impact and Remediation Progress

In order to determine the impact of Spectre/Meltdown and track remediation progress across your entire environment, it is important to visualize vulnerability detections in a dynamic dashboard. For more information on Spectre and Meltdown, please see our previous blog.

Using Qualys AssetView, we have created a dashboard with preloaded widgets that can help track remediation progress as you patch against Spectre and Meltdown. These widgets were built with out-of-the-box functionality, and can be imported into any Qualys subscription.

Continue reading …

Processor Vulnerabilities – Meltdown and Spectre

UPDATE 1/4/2018: Qualys has released several QIDs for detecting missing patches for these vulnerabilities.
UPDATE 1/5/2018: Pre-built AssetView dashboards to visualize impact and remediation progress.

Vulnerabilities potentially impacting all major processor vendors were disclosed today by Google Project Zero. These vulnerabilities have been named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715). Organizations should inventory their systems by processor type, apply vendor patches as they become available, and track their progress. This article describes how Qualys can help in all three areas.

Continue reading …