AttackIQ Announces Attack Scenarios that Test System Security Flaws for Meltdown, Spectre Attacks

Two automated test scenarios provide security teams with the insight to determine if their systems are susceptible to attack


SAN DIEGO, Jan. 05, 2018 (GLOBE NEWSWIRE) -- AttackIQ™, a leader in the emerging market of continuous security validation, today announced that AttackIQ Labs has developed automated system test scenarios that can validate if infrastructure is susceptible to the Meltdown and Spectre attacks.

“AttackIQ has made it a point to stay on top of the latest evolution of attacks like Spectre and Meltdown,” said Carl Wright, chief revenue officer for AttackIQ. “We’ve developed a way that organizations can determine if their infrastructure is susceptible to these threats so that they can implement the appropriate compensating controls to protect themselves and keep their data secure. But for enterprise organizations, this is likely just the tip of the iceberg. In 2018, organizations will need to spend at least 10 percent of their security budget on continuous security validation through automated testing to ensure that existing security controls and IR processes are effective. Attack simulation is an easy place to start, just like CVE testing was, and going forward there should be little reason for not identifying protection failures before adversaries capitalize on them.”

Created at the same time, the Meltdown and Spectre attacks are two separate exploits that stem from a fundamental chip flaw enabling attackers access to privileged data on users’ computers. The flaw affects the entire technology stack of a given system, from the processor to the browser passing through the operating system.

Specifically, the Meltdown attack breaks user and system memory isolation enabling a user process to access kernel memory. The Spectre attack can force a bug-free application to leak arbitrary memory contents from its address space. Both exploits, which affect Intel, AMD and ARM chips, give attackers the ability to compromise countless user devices ranging from phones and tablets to laptops and TVs.

To address both threats, AttackIQ created two automated test scenarios simulating the attacks. The first scenario identifies if a user’s system is updated with the latest patches that prevent these attacks from being successful. The other scenario executes a Spectre proof-of-concept in the user’s system assessing if it is vulnerable to the attack. Users can choose between running a simple check or deploying the real thing to see how their defenses respond against it.

“Kicking off 2018, the Spectre and Meltdown exploits are the latest examples of chip flaws that allow attackers to quickly and easily access privileged data on users’ devices, but they will hardly be the last,” said Stephan Chenette, CEO of AttackIQ. “With new waves of sophisticated threats constantly being developed, organizations have to assume that attackers will inevitably gain access to their network. AttackIQ’s two new attack scenarios can provide critical visibility into an organization’s security posture, highlighting their level of preparedness in these attacks and other serious threats down the road. Because these days, the ability to continuously validate security controls and posture in almost real-time is now more imperative than ever.”

The AttackIQ FireDrill™ platform identifies what Windows assets have already been patched in the network and which ones remain susceptible to attack. Known for its Offensive Defense strategy, the company helps organizations find protection failures before the adversary by augmenting security teams with their patented attack simulation platform. This approach gives security personnel the ability to provide augmentation to increase testing, as well as a continuous security control validation tool to locate problems before attackers do. AttackIQ also provides incident response teams with the ability to exercise "at will" to evaluate performance or identify process gaps. Equipped with these tools, CISOs are given constant insight into the effectiveness of their company's security controls and posture.

For more information on AttackIQ’s continuous security validation, visit www.attackiq.com.

For more information on the Meltdown and Spectre attacks and how AttackIQ can protect organizations, visit our blog https://goo.gl/BymJL7.

About AttackIQ
AttackIQ, a leader in the emerging market of attack simulation, built the industry's first platform to give mid-market and large enterprises the ability to test and measure the effectiveness of their security capabilities. The open FireDrill™ platform provides insight into how well current security tools, products and processes are working. The AttackIQ Community, which launched in July 2016, brings together the brightest minds in the security industry to challenge existing security practices and bring a more collaborative methodology to validating security decision-making. With its FireDrill™ platform and purpose-built community, AttackIQ is changing the security game. For more information visit www.attackiq.com. Follow AttackIQ on Twitter, Facebook, LinkedIn, and Vimeo.

Contact:

Sarah Thorson
10Fold Communications
attackiq@10fold.com
609-234-8531