Creating a Spectre/Meltdown Search Lists, Scan Option Profile, Remediation Tracking and Patch Reports

Document created by DMFezzaReed Employee on Jan 17, 2018Last modified by Robert Dell'Immagine on May 21, 2018
Version 9Show Document
  • View in full screen mode

This article shows how to build some useful reports for Spectre and Meltdown:

  • Search lists
  • Scan option profile
  • Remediation tracking report
  • Patch report

 

You can use these reports to identify vulnerable systems so you can more easily prioritize them for patches.

 

Spectre/Meltdown Search Lists

Below are the steps to create Spectre/Meltdown Search Lists for Qualys VM scanning and reporting:

 

Dynamic Vulnerability Search List by CVEIDs:

 

 

CVE-2017-5754, CVE-2017-5753, CVE-2017-5715

 

 

 

Dynamic Hardware Processor Information Search List by title and category criteria:

 

 

 

 

Dynamic Authentication Results Information Search List by title and category criteria :

 

 

 

 

 

Spectre/Meltdown Option Profile

Below are the steps to create a Spectre/Meltdown Option Profile for Qualys VM authenticated scanning:

 

Each client should manage their scan option profile settings per their scan policy.  The requirements for Spectre/Meltdown detection and reporting are outlined in red in the image below.

 

 

 

Spectre/Meltdown Tracking Report Template

Below are the steps to create a Spectre/Meltdown Tracking Report Template for Qualys VM authenticated scanning:

 

 

 

 

 

Spectre/Meltdown Patch Report Template

Below are the steps to create a Spectre/Meltdown Patch Report Template for Qualys VM authenticated scanning:

1 person found this helpful

Outcomes