Preparedness, Detection and Response Strategies for SolarWinds and Similar Attacks

The scope of the SolarWinds attack has shaken the global cybersecurity community. This white paper goes beyond after-the-fact analysis and offers concrete preparedness, detection, and response guidance for turning the tables on the attackers by detecting and stopping lateral movement inside the network. It examines:

  • The SolarWinds/Orion – SUNBURST attack flow
  • Golden SAML vulnerabilities
  • Evidence the attacker is still inside after remediation
  • Steps to create an environment hostile to attackers
  • Closing security gaps with lateral movement detection