Closing the Backdoor: Reverse Engineering SUNBURST

Presented by

Mandiant FLARE Experts

About this talk

At the end of 2020, FireEye revealed the details of a sophisticated threat actor that took advantage of SolarWinds’ Orion Platform to orchestrate a wide-scale supply chain attack and deploy a backdoor we call SUNBURST. This attack impacted organizations worldwide, leading executives everywhere to question whether their environment fell victim. Discovering, sharing, and shutting down access to the SUNBURST backdoor, which allowed attackers to move freely and spy on victims, required the unique expertise of Mandiant’s Frontline Applied Research and Expertise (FLARE) team. And for Mandiant Managed Defense, the identification of victims started well before the public became aware of the SUNBURST campaign. Join Mandiant experts for a retelling of the SUNBURST discovery story and a look inside how they addressed the SUNBURST threat with customers, including stories from the front lines of this customer-focused response. Our experts will also highlight: • How this prolific cyber-attack changes the way we view security • SUNBURST threat actor TTPs and how Mandiant hunts for the most relevant, and dangerous threats • What threat hunting techniques should be deployed to find today’s stealthiest attackers Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15.
Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (346)
Subscribers (127356)
Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.