Vulnerabilities give security teams headaches. RSA aims to improve the user experience and minimize the response time to these types of attacks. When the Meltdown / Spectre vulnerability was published, Microsoft released updates to be installed on all Windows operating systems.
We have created an Instant Indicator of Compromise (IIOC) that validates whether the update was installed on each endpoint, regardless of the version of the operating system.
When the IIOC does not detect this update on the endpoint, it will trigger:
IIOC configuration:
For your convenience, you can download this IIOC below.