The scope of the SolarWinds attack has shaken the global cybersecurity community. This white paper goes beyond after-the-fact analysis and offers concrete preparedness, detection, and response guidance for turning the tables on the attackers by detecting and stopping lateral movement inside the network. It examines:
- The SolarWinds/Orion – SUNBURST attack flow
- Golden SAML vulnerabilities
- Evidence the attacker is still inside after remediation
- Steps to create an environment hostile to attackers
- Closing security gaps with lateral movement detection