eBooks & Reports


Issue link: https://resources.threatstack.com/i/933936


2. Spectre & Meltdown

YOU GET ASKED
What are Spectre and Meltdown? How can we protect against them?

HOW THREAT STACK CAN HELP
• Threat Stack's platform pulls down all known CVEs from NVD each day to let you know what vulnerabilities exist in your infrastructure.
• On the off chance that a bad actor is able to exploit one of these, Threat Stack's behavior-based approach identifies any anomalous activity that may have gotten in, whether it's via Spectre, Meltdown, or other unknown vulnerabilities.
• In contrast to Threat Stack, a signature-based approach would not be able to detect anything beyond known vulnerabilities or signatures.

THE REALITY
These are two serious architecture-based vulnerabilities that could be weaponized (but haven't been so far). Attacks would take advantage of vulnerabilities in CPUs.

RECOMMENDED ACTION
Since these are just two of the latest vulnerabilities, do not focus on them exclusively:
• Strengthen your overall vulnerability hygiene to defend against these vulnerabilities as well as others.
• Consider using a behavior-based platform such as Threat Stack.
• Apply software patches as they become available.

3. Theft of Intellectual Property & Corporate Espionage

YOU GET ASKED
How can we protect our intellectual property (IP) and systems against a malicious inside actor?

HOW THREAT STACK CAN HELP
• Threat Stack's behavior-based platform makes it easy to create rules around expected deployment and maintenance patterns.
• Out-of-the-box rules around File Integrity Monitoring (FIM), privilege escalation, and data exfiltration can ensure that IP remains untouched and unmodified.

THE REALITY
Your organization needs to take time to understand where its IP lives, who has access to it, and how sensitive it is. Afterwards, you can get tactical.

RECOMMENDED ACTION
• Start to model behaviors: How is IP deployed into production? Who logs into servers that contain IP? What actions are people taking when they log into these servers?
• Perform an inventory. What is your organization's IP? What systems carry company IP? How is access granted to company IP?
• Analyze the way IP leaves your platform if applicable, and create processes and alerting based on those actions.
• Understand how IP is deployed and maintained. Are there common deployment or maintenance patterns?
