In the event you are writing about the AMD Ryzen and EPYC security vulnerabilities that were disclosed today, Josh Mayfield, Director of Product Marketing at FireMon commented below.
Josh Mayfield, Director of Product Marketing at FireMon:
“The critical security vulnerabilities and manufacturer backdoors affecting the AMD Ryzen and EPYC product lines could lead to significant trouble for enterprises, including vulnerabilities such as MasterKey, RyzenFall and Fallout, RyzenFall 2 and Fallout 2, and Chimera. The good news is that these new vulnerabilities can be managed with policy controls. Once a vulnerability is detected, swift policy changes and rule adjustments to the ACLs can effectively quarantine the vulnerability for deeper investigation and remediation.
The trouble with the recent AMD vulnerability is the backdoor – not only because the backdoor gives an attacker a gateway to run malwares without interfering with memory, but because the backdoor offers an escape hatch once the reconnaissance is complete. Organizations must close this escape hatch with access controls, rules and combinatorial controls that adapt to changing variation across networks. Using policy-based security programs, organizations can shortchange attackers by instantly modifying access to critical assets (and their attendant vulnerabilities) without having to leave their chair.
When it comes to vulnerability management and threat mitigation, the first rule to remember is: don’t panic. It’s also important for organizations to use the practical tools at their disposal to achieve incremental improvements. If policy is the bedrock of security programs, it stands to reason that we can leverage policy-based security to make sure the inherent vulnerabilities of our world do not turn into catastrophic data loss or result in a data breach.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.