Creating a Spectre/Meltdown Search Lists, Scan Option Profile, Remediation Tracking and Patch Reports

Document created by DMFezzaReed Employee on Jan 17, 2018Last modified by DMFezzaReed Employee on Jan 17, 2018
Version 7Show Document
  • View in full screen mode

Below are the steps to create a Spectre/Meltdown Search Lists for Qualys VM scanning and reporting:

 

Dynamic Vulnerability Search List by CVEIDs :

 

 

CVE-2017-5754, CVE-2017-5753, CVE-2017-5715

 

 

Dynamic Hardware Processor Information Search List by title and category criteria :

 

 

 

Dynamic Authentication Results Information Search List by title and category criteria :

 

 

 

 

Below are the steps to create a Spectre/Meltdown Option Profile for Qualys VM authenticated scanning:

 

Each client should manage their scan option profile settings per their scan policy.  The requirements for Spectre/Meltdown detection and reporting are outlined in red in the image below.

 

 

Below are the steps to create a Spectre/Meltdown Tracking Report Template for Qualys VM authenticated scanning:

 

 

 

Below are the steps to create a Spectre/Meltdown Patch Report Template for Qualys VM authenticated scanning:

 

1 person found this helpful

Outcomes