Discover Your Exposure So You Can Protect It
Request a free hyper external attack surface scan today.
Webinar Jan. 18, 2023: Cybersecurity New Year’s Resolution – Go On the Offensive
It took stealing the crown jewels of one of the leading cyber security companies – the offensive hacking tools of FireEye – for anyone to detect what’s shaping up to be a truly watershed cyberattack.
IT organizations can and must have visibility into their exposure to any its vendors. That is, customers should have systems in place that are able to inventory, at any given time, what solutions, products and technologies are deployed where. These inventories will be critical in following federal guidelines and shutting down compromised, or potentially compromised, instances.
Based on our experience and analysis many organizations do not have this inventory available. Organizations are struggling to keep tabs on their inventory and lack external attack surface visibility. This situation applies in the case of deployments of SolarWinds Orion (and other SolarWinds products and services).
Through our attack surface discovery solution, we’re seeing hundreds of SolarWinds Orion instances, some deeply misconfigured, with strong indicators (independently verified by the customers we contacted) of being unmanaged and deployed as shadow IT.
It could be a recent acquisition of a company that used the system or an instance that was created as part of POC (in some of them, the default credentials were used). Furthermore, some of the companies in whose networks we detected these exposed SolarWinds Orion instances are themselves supply-chain vendors with thousands of customers. This means that the exposure to the risks of this attack lie further beyond SolarWinds and its customers and extends to customers of customers, and beyond.
Due to the gravity of this cyberattack, and the many unknowns still surrounding the scope of its victims, we’re offering our online SolarWinds discovery free of charge.
When you request a scan:
Results, and scan report are delivered within 3 days.
Request a free hyper external attack surface scan today.