The industry has been racing to fix Meltdown and Spectre, but aside from writing custom SQL queries or by manually checking each system, how do we face the daunting challenge of determining what systems have the compatible Eraser Engine and which ones do not?
The industry has been racing to fix Meltdown and Spectre, but aside from writing custom SQL queries or by manually checking each system, how do we face the daunting challenge of determining what systems have the compatible Eraser Engine and which ones do not?

.

Meltdown and Spectre are critical enough vulnerabilities that need to be patched quickly, however, many organizations using Symantec Endpoint Protection continue to struggle identifying whether they have the right Eraser Engine version updates installed to protect their systems.

 

If you applied that security update to systems in your network running SEP, it is possible your systems experienced a Blue Screen (BSOD) STOP error MEMORY_MANAGEMENT (0x1a) because the Microsoft patch conflicts with Symantec’s ERASER (Expanded Remediation And Side Effect Repair) engine.

 

Essentially, this means that your systems will be vulnerable to any Meltdown/Spectre attacks until:

1. The SEP Eraser Engine is updated to version 117.3.0.358 or greater

2. The Windows Security Updates have been applied

 

Customers who use SOLVE for SEP are able to quickly and efficiently create dashboards to report on their entire SEP deployment displaying what systems were ready for the Meltdown/Spectre Security Update and which systems needed the Eraser Engine updated first.

.

Here is an example of a SOLVE dashboard we were able to build in less than 30 minutes using live data, so we can keep track of the progress instantly.

 

We divided the dashboard by region for the Americas, Europe, and Asia. On the left, we used donut charts to show the Eraser Engine version distribution. On the right side, we used number boards to display the systems that were running a version of the Eraser Engine older than the compatible version required (117.3.0.358).

 

SOLVE dashboards are interactive, so we are able to perform detailed drill-downs on each slice of the donut chart and on the number board in order to get a complete list of the systems. SOLVE for SEP has an integrated scheduler which allows our customers to submit the details to a ticketing system on a regular basis for the appropriate staff to resolve. One of our large enterprise customers explained,

“With SOLVE for SEP, we can now ‘see’ our data and it has saved us countless hours of manual research!”

.

Detailed drill-down in SOLVE for SEP
Here is a sample of the detailed drill-down

 

In order to determine the full magnitude of Spectre/Meltdown and prioritize remediation, it is important to have actionable intelligence and comprehensive real-time visibility across the environment to identify and inventory all known and unknown endpoints to improve your security posture.

 

Stay tuned for future updates, recommendations, and best practices related to Meltdown and Spectre, and for information about how SOLVE can help.

Sarah Isaacs (Conventus) Wins Minority-owned Cybersecurity Company of the Year

Sarah Isaacs, Co-Founder and COO, Conventus

 

Sarah Isaacs, Co-Founder and COO of Conventus Corporation, is the winner of the prestigious Minority-owned Cybersecurity Company of the Year presented by the International Consortium of Minority Cybersecurity Professionals (ICMCP). The award was presented at the ICMCP third annual national conference September 18-19, 2018 in Atlanta, Georgia at the Westin Buckhead Atlanta.

 

“I’m so honored and grateful to be involved with a wonderful organization like ICMCP; one that encourages me, and all of us at Conventus, to do so much MORE. Our partnership with ICMCP has inspired members of the Conventus team to participate at their local level. We are now sponsoring robotics teams, participating in hacker camps for early learners, speaking at high schools about information security and potential career paths as well as award the annual Conventus Scholarship to deserving college students. We are committed to ensuring our young aspiring technologists have access to the tools and education needed to make an impact in our industry,” said Isaacs.

 

Isaacs also presented the annual Conventus Scholarship Award to Jaquavian Alexander, a college freshman pursuing a degree in Computer Science with a concentration in Cybersecurity at New York University.

 

The ICMCP is a 501(c)(3) non-profit organization dedicated to issues related to cybersecurity career and industry developments impacting minority cybersecurity professionals and continues to elevate the national dialogue on the critical strategic, tactical and operational imperatives needed to attract and develop minority cybersecurity practitioners.

 

Read the full article here