Sunburst and Breaking the Kill-Chain

Written by: Tony Cole, CTO

Sometime in early 2020, malicious code was injected into the SolarWinds Orion software build process. Enterprises around the globe widely deploy this network management and monitoring software. When SolarWinds provided an Orion update, unsuspecting companies installed it as part of their regular patch and update cadence. Unfortunately, this action embedded a backdoor into a critical system within their enterprise, providing an attacker initial access to multiple endpoints.