Corresponding security measures for ARM platforms are currently under development. With these services, existing applications can be protected against the recently known attacks on branch target injection attacks without having to recompile the application.

For security professionals, Spectre Branch Target Injections became an important issue virtually overnight. The recently published security vulnerability in modern processors can be exploited to steal confidential information. The cyber community is working hard to provide patches for the most commonly used compilers to prevent attacks. However, in areas such as IoT, defense, medical technology, industry or consumer, it is not always possible to recompile applications and firmware source code. Here, the systems remain vulnerable and confidential information such as personal data or passwords can be stolen from otherwise error-free applications.

GrammaTech's Cyber Hardening Services can be used to protect critical applications and libraries against Spectre attacks. The service uses binary analysis to identify vulnerable areas in the code and then transforms the application's binaries with secure code for the affected areas. These pieces of code follow the "Retpolines" approach published by Google.

"GrammaTech's binary file transformation technology is a key tool for protecting modern software systems," says Alexey Loginov, Vice President of Research at GrammaTech. "Applications can be protected without accessing the source code. This allows security professionals to deploy updates faster. This protection against Spectre, based on Google's Retpolines approach, is one of the features that make up GrammaTech's cyber hardening. The technology can also help against buffer overruns and many other issues on the Common Weakness Enumeration list."

Cyber professionals with existing applications who need to ensure the protection of information quickly but cannot work with the source code can use this technology immediately.

www.grammatech.com