JERSEY CITY, N.J., Jan. 08, 2018 (GLOBE NEWSWIRE) -- ThreatModeler Software, Inc., provider of the industry’s #1 automated threat modeling platform, today announced that it is providing threat intelligence updates for its customers in the wake of the Meltdown and Spectre vulnerabilities.
According to the founder and Chief Technical Architect of ThreatModeler™, Anurag “Archie” Agarwal, the recently discovered vulnerabilities are a “huge issue for companies and consumers alike. Almost everyone will be affected in one way or another.
“The problem is twofold,” continues Agarwal. “First, the vulnerabilities expose affected devices to kernel attacks, which is very serious and could undermine any security you already have in place. Second, the patches being circulated reportedly slow down a machine by as much as 30%. If that is true, it could be a significant complication for critical industries like airlines and hospitals.”
The Meltdown vulnerability affects devices with Intel and Qualcomm chips and one chip produced by ARM. Spectre affects chips made by Intel, ARM, AMD, and Qualcomm.
“The impact of these threats are significant, especially for Fortune 1000 companies with multiple thousands of potentially affected machines,” says Mark Meyer, Chief Revenue Officer of ThreatModeler. “Addressing this issue will be an important challenge for large enterprises. We have been working around the clock to deliver this latest threat intelligence update to all of our customers so they have visibility across their entire organization.”
According to Meyer, the intelligence updates being issued will allow ThreatModeler Software customers to determine where their organization is sensitive to Meltdown and Spectre, and gives visibility into these threats to quantify the downstream impact across their entire IT environment. “The ability to provide this level of visibility into emerging threats is a huge differentiator for ThreatModeler in the marketplace,” says Meyer. “It is one of the reasons ThreatModeler is increasingly relied on by Fortune 1000 companies.”
“Organizations need to quickly understand which machines they can patch and which machines need hardware replacement,” continues Meyer. “With this security update, our customers that subscribe to our platform for IoT systems, computing endpoints, infrastructures, and legacy systems will have their threat models updated automatically with this new intelligence.”
“It is very important that organizations gain full understanding of how these threats affect their IT systems and business as quickly as possible,” added Agarwal. “We’ve already seen two attack strategies developed in the wild around Spectre; it is only a matter of time before we see more, including strategies based on Meltdown. I don’t think we can yet pinpoint any industry that will be targeted more than others based on these vulnerabilities. But based on recent attacks, I would say that any company in the ICS, Airline, Hospital, Financial, and Retail sectors – as well as companies heavily invested in IoT – should do everything they can to fully understand the vulnerabilities and the potential threats involved.”
About ThreatModeler
Security Starts with ThreatModeler™ - the industry's #1 Automated Threat Modeling Platform.
ThreatModeler™ is an innovative enterprise threat modeling platform that helps organizations fully integrate security into their SDLC and reduce their overall risk posture. Our unique methodology automatically and seamlessly integrates security within existing agile and DevOps workflows. By identifying and mitigating potential security threats early in the SDLC – prior to implementing SAST and DAST, ThreatModeler™ simplifies efforts associated with developing secure applications. ThreatModeler™ then empowers enterprise IT organizations to map their unique secure requirements and policies directly into their enterprise cyber ecosystem – providing real-time situational awareness about their current threat portfolio and risk conditions.
Contact:
Brian Beyst
Senior Director of Marketing
ThreatModeler Software, Inc
101 Hudson St
Jersey City, NJ 07302
Phone: +1-507-251-0851
bbeyst@threatmodeler.com