forked from splunk/security_content
spectre_meltdown.yml
category:
- Vulnerability
channel: ESCU
creation_date: '2018-01-08'
description: Assess and mitigate your systems' vulnerability to Spectre and Meltdown
  exploitation with the searches in this Analytic Story.
detections:
- detection_id: 354be8e0-32cd-4da0-8c47-796de13b60ea
  name: Spectre and Meltdown Vulnerable Systems
  type: splunk
id: 6d3306f6-bb2b-4219-8609-8efad64032f2
maintainers:
- company: Splunk
  email: davidd@splunk.com
  name: David Dorsey
modification_date: '2018-01-08'
name: Spectre And Meltdown Vulnerabilities
narrative: Meltdown and Spectre exploit critical vulnerabilities in modern CPUs that
  allow unintended access to data in memory. This Analytic Story will help you identify
  the systems that can be patched for these vulnerabilities, as well as those that still
  need to be patched.
original_authors:
- company: Splunk
  email: davidd@splunk.com
  name: David Dorsey
references:
- https://meltdownattack.com/
spec_version: 2
usecase: Security Monitoring
version: '1.0'