CorreLog, Inc. Issues Statement on Spectre and Meltdown CVE Mitigation with CorreLog SIEM Correlation Server

CorreLog has released a statement on the newly-found Intel vulnerabilities, Spectre and Meltdown, with ways to better identify and prepare for any malicious software using CorreLog SIEM Correlation Server.

Naples, FL, January 30, 2018 - CorreLog, Inc., the leader in multi-platform IT security event log management, today issued a statement regarding Spectre and Meltdown CVE vulnerabilities with CorreLog SIEM Correlation Server. Spectre and Meltdown are two vulnerabilities that affect virtually all Intel and AMD processors built in the last 20 years. These vulnerabilities affect the chip and allow access to information as it’s being used by a legitimate process on the computer. Spectre attacks the chip and tricks the processor into starting a speculative execution process, making information momentarily easier to access. The other vulnerability, Meltdown, lets attackers access secret information through a computer’s operating system such as Microsoft Windows or Apple’s High Sierra.

“Spectre and Meltdown may prove to be the worst hardware vulnerabilities ever,” said George Faucher, president and CEO of CorreLog. “With CorreLog’s server, organizations are alerted of attempts to insert malicious software immediately and have a constant monitoring of internal firewalls and systems with 24/7 protection and alerts in real-time against any malware, Spectre and Meltdown included.”

CorreLog’s SIEM Server provides real-time alerts and monitoring from all threat vectors by collecting all system log messages in your network and correlating them into understandable threats across Windows/UNIX and mainframe systems. CorreLog’s Server can assist with the mitigation of Spectre, Meltdown, or any other malicious software through a variety of techniques.

  • CorreLog agents watch processes and can alert on anomalous process execution.
  • The CorreLog Server can monitor and alert on internal firewalls and systems to determine who has access to critical and confidential machines.
  • The CorreLog Server reputation database can watch internal traffic to external websites or machines that have bad reputations.
  • The CorreLog FIM (File Integrity Monitor) agent can continuously scan directories and files, and report on additions, deletions, or changes to files, executing on a wide variety of platforms including Windows, UNIX, Linux, and Mac OS X systems.
  • CorreLog agents can track user access to platforms, including changes to active directory groups and privileges, to identify attempts to change permissions (that might grant access to malicious individuals) and issue immediate alerts as text, email, or notification to service desk.
  • CorreLog can furnish a global watch and overview of system updates, AV programs, and other defense measures that can be used to verify good internal security.
  • CorreLog can furnish behavioral analysis of users and programs, to verify that a managed network is operating within expected and normal tolerances.

If you are wondering if you have been affected by these vulnerabilities, CorreLog is interested in talking with you and reviewing the settings and real-time alerting capabilities of your installation to verify coverage of the threats described here, as well as other threats that may put you at unnecessary risk.

If you are a CorreLog customer, you may read the full statement from CorreLog here.

About CorreLog

Since 2007, CorreLog, Inc. has been committed to delivering software solutions for Security and Compliance auditing professionals who need more advanced network/system security and improved adherence to PCI DSS, HIPAA, SOX, FISMA, GDPR, ISO 27001, IRS Pub. 1075, NERC and other industry standards for protecting data. Our solutions are designed to be complementary to clients’ existing IT investments.

CorreLog specializes in providing the most comprehensive Security & Compliance software at the industry’s lowest Total Cost of Ownership. Our solutions help secure data across both mainframe and distributed operating systems and provide alerts with notifications in real-time to security and network operations resources. CorreLog has worked with companies across Fortune 500 to SMB class who all benefit from our ease of installation and highly interoperable approach to building software that is simple to use and master, out of the box. Our customers are up and running with monitoring and alerts within just a few hours, versus weeks or even months with competing enterprise vendor solutions. Our software agent monitoring technology spans from Windows, Linux, UNIX, Mac, SAP, and databases all the way up to the largest mainframes running IBM® z/OS®, Linux on z Systems, IBM® Db2, IBM® IMS™, and IBM® z/VM.

CorreLog has installed software and framework components used successfully by hundreds of commercial and government organizations worldwide. Our core solutions provide visibility on privileged-user activity, data integrity, FIM and application activity that may hold evidence of cyber threat, and in real time, we notify security personnel with alerts in accordance with compliance standards. For more information on CorreLog, please visit CorreLog.com.

###

Copyright © 2018, CorreLog, Inc. All rights reserved.
All trademarks and registered trademarks used herein are the properties of their respective owners.

Press Contact:

Tony Perri, CorreLog Marketing & PR
Office: (239) 514-3331, ext. 406

tony.perri@correlog.com

SHARE attendees will have the opportunity to meet with CorreLog at booth number 125 for live product demonstrations of the newest release of zDefender® for z/OS version 5.8.1. CorreLog’s zDefender® for z/OS is a leading solution for bringing z/OS event messages in real-time over to distributed SIEMs and populating Security Operations Center consoles. The newest release includes significant enhancements for added security and compliance as well as the ability to provide metrics on z/OS system performance & IT Operations. CorreLog will also be featuring their other leading real-time mainframe security products including zDefender® Visualizer, dbDefender™ for Db2, and dbDefender™ for IMS.

“We are excited to be a part of the 2018 SHARE Sacramento Conference,” said George Faucher, president and CEO of CorreLog. “We are proud to showcase our newest release of z/Defender™ and our main goal is to help enterprises improve their mainframe security to the level its distributed counterpart is at.  Mainframes aren’t un-hackable and with 80 percent of the world’s data running through them, it must be a priority to protect them.”

CorreLog will also be hosting a technical breakout session chaired by Charles Mills, CorreLog director of advanced projects, titled “Digital Certificates - How They Really Work (part 1 of 3).” This presentation will focus on understanding and managing your own certificates, specifically the SSL or TLS certificate process. Part two will be led by Phil Smith III titled, “Digital Certificates - Real-World Usage on z/OS” and part three will be led by Ross Cooper titled “Digital Certificates - Lifecycle Management on z/OS.”

CorreLog Speaking Sessions at SHARE Sacramento 2018

Title: Digital Certificates Part 1 - How They Really Work

When: Monday, March 12, 2018 | 4:30 p.m. - 5:30 p.m.

Where: Room 304/305, Sacramento Convention Center

Who: Charles Mills, CorreLog Director of Advanced Projects | Speaker Bio

Session Number: #21967

More Info: Session Link | Part 2 Session Link | Part 3 Session Link

CorreLog Vendor Sponsored Presentation

Charles Mills will also be leading a vendor sponsored presentation on Tuesday, March 13, continuing the discussion started by keynote presenters Chad Rikansrud and Phil Young on mainframe security.

When: Tuesday, March 13 | 1:45 p.m. - 2:45 p.m. (All times local)

Where: Room 316, Sacramento Convention Center

Who: Charles Mills | Speaker Bio

About zDefender® for z/OS, Version 5.8.1

zDefender® delivers security event messages from z/OS to distributed SIEM systems and IT Security Operations Centers in real time. It auto-formats event messages from RACF, CA-ACF2, CA-Top Secret, Db2, IMS, CICS, IND$FILE, FTP, TCP/IP and other facilities and exports the messages in real time to a SIEM or IT SOC.

Additionally, zDefender® converts a myriad of additional mainframe events including TSO Logons, Production Job ABENDs, TCP/IP and FTP Connections. For ease of deployment, CorreLog’s zDefender® for z/OS has certified integrations with IBM QRadar, HP ArcSight (now Micro Focus), RSA Security Analytics, and has field integrations with every other leading SIEM solution including Splunk, McAfee ESM and cloud vendors such as Solutionary and Dell SecureWorks.

The ability to view cross-platform security event log data in real-time is a ground-breaking feature of CorreLog zDefender® for z/OS. Our real-time z/OS agent provides IT security personnel with a more inclusive view of system-wide threat data for a higher level of monitoring user and system accesses related to network intrusion. zDefender® facilitates compliance requirements set forth by PCI DSS, HIPAA, GDPR, ISO 27001, IRS Pub. 1075, GLBA, SOX, FISMA, NERC and many other standards.

zDefender® installs quickly, uses minimal resources, and does not require extensive training, ongoing maintenance or administration.

About dbDefender™ for Db2 and IMS

CorreLog dbDefender™ for Db2 delivers up-to-the-second Db2 security alerts to CorreLog zDefender® Visualizer, CorreLog SIEM Correlation Server for Windows/UNIX, or any name-brand Security Information & Event Management (SIEM) product including Splunk Enterprise Security.

With dbDefender™, security admins now have up-to-the-second visibility that includes a host of user events centered around attempts to view or access the secure state of your Db2 environment.

About SHARE, Inc.

SHARE Inc. is an independent, volunteer-run association providing enterprise technology professionals with continuous education and training, valuable professional networking and effective industry influence. Twice each year, SHARE gathers the leading subject matter experts, vendors, and business visionaries in enterprise IT for a week of education and innovation.
