The Definitive Guide to Readiness, Detection, and Remediation

For SolarWinds and Similar Advanced Attacks

The 2020 attacks against several U.S. government agencies and private enterprises shine a light on the challenges in detecting and preventing attackers from circumventing interior security controls, harvesting credentials, and moving laterally to achieve their objectives. Organizations need to assume compromise and extend a security methodology to fill the gap in their security toolset.

This paper breaks down the SolarWinds attack and the benefits of an Active Defense fabric that turns the tables on attackers by detecting and stopping the lateral movement of malicious activity once inside that evaded perimeter defenses.

Get Whitepaper

Download the Whitepaper to Learn:

  • What we currently know about the attacks: background, attack flow and components, and how the attackers targeted the ADFS to accomplish a Golden SAML attack technique.
  • Attack remediation and preparedness: patching, mapping hosts and pathways to ADFS hosts, privilege escalation readiness for ADFS and kerberoasting, removal of unnecessary privileged credentials and connections, lateral movement detection, and ensuring attack telemetry and threat intelligence.
  • Illusive Active Defense using MITRE Shield techniques: detailing the key capabilities of the Illusive suite and its deterministic approach to lateral movement detection.