It looks like you're new here. If you want to get involved, click one of these buttons!
On January 3rd, 2018, researchers from Google, academic institutions, and private companies publicly revealed two security flaws - Spectre and Meltdown - that exist within nearly every Intel CPU built since 1995. The details of the vulnerabilities are outlined in CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754.
We want to inform all on this forum that AlienVault is aware of the issue and has been actively investigating the risk. Our goal, as always, is to assure the confidentiality, integrity, and availability of your USM Anywhere service and data. As threat intelligence to help detect attacks against the Spectre and Meltdown vulnerabilities is published - whether by AlienVault or through the Open Threat Exchange (OTX) - it will be immediately available to you.
To be successfully exploited, the discovered vulnerabilities require that an attacker have direct access to the host. In the case of USM Anywhere, this would require the attacker to circumvent multiple controls implemented both by AlienVault as well as by our hosting provider.
Overall, we feel that the risk of this vulnerability being exploited is very low, and there are no known attacks that have utilized this exploit. That said, we will continue to monitor the situation closely and will carefully evaluate any relevant patches made available.
We do recommend our customers with USM Anywhere Sensors deployed on VMware or Hyper-V ensure that they have applied the latest security updates to their environment. For USM Anywhere Sensors that are deployed onto a hosted or public cloud platform such as Amazon Web Services and Microsoft Azure, we recommend you contact that service provider to determine possible next steps to identify the level of risk, and any remediation steps.
Customers with any additional questions or concerns should reach out to AlienVault Support.