Information & Resources regarding SolarWinds Orion Incident
As many are aware, SolarWinds Orion products experienced a security incident that has compromised private and public companies alike. VVL Systems and its partners are sympathetic towards any organization that may have been impacted. Given our valued relationship with you and your business, our partner team has compiled and recommended the following actions and resources to work through this incident, should you be compromised.
1. Review the most current information to determine if your version of software was vulnerable. SolarWinds has published a security advisory. With an incident of this magnitude, information is subject to change, so continue to review communications, and check their website frequently. Depending on your risk tolerance, you may want to immediately disconnect or power down related software.
2. If your software version has been impacted, start your incident response processes, and engage your teams to start gathering information.
3. Ask your security team to review and check for indicators of compromise. This will help you scope the incident and understand how to apply your resources for remediation. Some good resources include:
   a. FireEye Threat Research
   b. FireEye Mandiant SunBurst Countermeasures (GitHub)
   c. CISA Active Exploitation of SolarWinds Software Activity Report
   d. Internet Storm Center Solarigate Report
   e. DHS Emergency Directive 21-01
4. Monitor the progress of your security vendors. Signatures and detection capabilities will be released, so make sure that your security tools are updated with the latest capabilities.
As a valued customer, if you’re temporarily shutting down your SolarWinds Orion Network Management products and looking for alternative solutions to monitor and ensure uptime in your infrastructure, we’d like to extend a 90-day free offer on Entuity Network Analytics to assist you in monitoring your infrastructure while you work to isolate any potentially compromised hosts.
Please reach out to us if you would like a demo of Entuity Network Analytics software.
Additionally, our partner BMC Software offers solutions that fully automate the remediation of network security vulnerabilities, from detection of the exposure to closure, and deliver results 10X faster than manual methods. Please reach out to us if you would like a demo or to learn more about how Entuity minimizes the risk profile of vulnerabilities on your network, and how BMC can improve your overall vulnerability management process.