Video: SUNBURST Attack Series
ExtraHop
December 21, 2020
News of the SolarWinds Orion SUNBURST attack fell swift and hard across the security community. As the dust is settling, ExtraHop's research team is continuing to investigate and provide more information on how to detect and respond to SUNBURST, including a forensic examination of SUNBURST.
With this type of attack, the best way to know if you have been compromised is to go back and investigate your network data with the assistance of AI.
ExtraHop's Josh Snow has created a series of short videos to help you understand how SUNBURST works and how you can leverage ExtraHop Reveal(x) network detection and response to look for signs of malicious activity in your network.
In the first video, Josh details what you can do today to detect any SUNBURST threats using Reveal(x).
To dive deeper, Josh offers a step-by-step guide on how to use Reveal(x)'s threat hunting capabilities to tell if you've been affected.
Next, Josh explains how to use ExtraHop Reveal(x) to run the script to check for the SUNBURST Backdoor.
Finally, to look for future signs of compromise, Josh shows you how to optimize your detection feed to ensure that you're being alerted to the most relevant information.