CorreLog, Inc. Issues Statement on Spectre and Meltdown CVE Mitigation with CorreLog SIEM Correlation Server

CorreLog has released a statement on the newly found Intel vulnerabilities, Spectre and Meltdown, with ways to better identify and prepare for any malicious software using CorreLog SIEM Correlation Server.

CorreLog, Inc., the leader in multi-platform IT security event log management, today issued a statement regarding Spectre and Meltdown CVE vulnerabilities with CorreLog SIEM Correlation Server. Spectre and Meltdown are two vulnerabilities that affect virtually all Intel and AMD processors built in the last 20 years. These vulnerabilities affect the chip and access information as it is being used by a legitimate process on the computer. Spectre attacks the chip and tricks the processor into starting a speculative execution process, making information momentarily easier to access. The other vulnerability, Meltdown, lets attackers access secret information through a computer’s operating system, such as Microsoft Windows or Apple’s High Sierra.

“Spectre and Meltdown may prove to be the worst hardware vulnerabilities ever,” said George Faucher, president and CEO of CorreLog. “With CorreLog’s Server, organizations are alerted of attempts to insert malicious software immediately and have a constant monitoring of internal firewalls and systems with 24/7 protection and alerts in real-time against any malware, Spectre and Meltdown included.”

CorreLog’s SIEM Server provides real-time alerts and monitoring from all threat vectors by collecting all system log messages in your network and correlating them into understandable threats across Windows/UNIX and mainframe systems. CorreLog’s Server can assist with the mitigation of Spectre, Meltdown, or any other malicious software through a variety of techniques.

  • CorreLog agents watch processes and can alert on anomalous process execution.
  • The CorreLog Server can monitor and alert on internal firewalls and systems to determine who has access to critical and confidential machines.
  • The CorreLog Server reputation database can watch internal traffic to external websites or machines that have bad reputations.
  • The CorreLog FIM (File Integrity Monitor) agent can continuously scan directories and files, and report on additions, deletions, or changes to files, executing on a wide variety of platforms including Windows, UNIX, Linux, and Mac OS X systems.
  • CorreLog agents can track user access to platforms, including changes to Active Directory groups and privileges, to identify attempts to change permissions (that might grant access to malicious individuals) and issue immediate alerts as text, email, or notification to service desk.
  • CorreLog can furnish a global watch and overview of system updates, A/V programs, and other defense measures that can be used to verify good internal security.
  • CorreLog can furnish behavioral analysis of users and programs to verify that a managed network is operating within expected and normal tolerances.

If you think you may have been affected by these vulnerabilities, CorreLog is interested in talking with you and reviewing the settings and real-time alerting capabilities of your installation to verify coverage of the threats described here, as well as other threats that may put you at unnecessary risk.

CorreLog customers may read the full statement from CorreLog here.

About CorreLog

Since 2007, CorreLog, Inc. has been committed to delivering software solutions for Security and Compliance auditing professionals who need more advanced network/system security and improved adherence to PCI DSS, HIPAA, SOX, FISMA, GDPR, ISO 27001, IRS Pub. 1075, NERC and other industry standards for protecting data. Our solutions are designed to be complementary to clients’ existing IT investments.

CorreLog specializes in providing the most comprehensive Security & Compliance software at the industry’s lowest Total Cost of Ownership. Our solutions help secure data across both mainframe and distributed operating systems and provide alerts with notifications in real-time to security and network operations resources. CorreLog has worked with companies across Fortune 500 to SMB class who all benefit from our ease of installation and highly interoperable approach to building software that is simple to use and master, out of the box. Our customers are up and running with monitoring and alerts within just a few hours, versus weeks or even months with competing enterprise vendor solutions. Our software agent monitoring technology spans from Windows, Linux, UNIX, Mac, SAP, and databases all the way up to the largest mainframes running IBM® z/OS®, Linux on z Systems, IBM® Db2, IBM® IMS™, and IBM® z/VM.

CorreLog has installed software and framework components used successfully by hundreds of commercial and government organizations worldwide. Our core solutions provide visibility on privileged-user activity, data integrity, FIM and application activity that may hold evidence of cyber threat, and in real time, we notify security personnel with alerts in accordance with compliance standards. For more information on CorreLog, please visit CorreLog.com.

Contact Author

Tony Perri
CorreLog, Inc.
+1 (877) 267-7356 Ext: 422