It’s been a busy week for cybersecurity professionals as they respond to the SolarWinds breach. On December 13, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to immediately “disconnect or power down SolarWinds Orion products" as they were being actively exploited by malicious actors.

Infosec Skills author and KM Cyber Security managing partner Keatron Evans is helping numerous clients respond to the breach. In this live discussion and incident response demo (recorded Friday, December 18) he covers:

– What happened with the SolarWinds supply chain attack
– Immediate action you can take to protect your systems
– Industry responses to help mitigate the incident
– Live demo of Snort, memory forensics and Zeek
– Q&A with live attendees

Live walkthroughs from Keatron can be found here:
– Full video presentation: https://www.youtube.com/watch?v=5lc4HtmEYl4
– 10-minute Snort demo for SolarWinds and Sunburst incident response: https://www.youtube.com/watch?v=wG8dLV-LZwY
– 10-minute memory forensics demo of SolarWinds and Sunburst: https://www.youtube.com/watch?v=uLGLCv1Cu6A

Additional resources discussed by Keatron:
– FireEye Mandiant SunBurst countermeasures: https://github.com/fireeye/sunburst_countermeasures
– McAfee analysis into the Sunburst backdoor: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
– Keatron's free Cyber Work Applied training videos: https://www.infosecinstitute.com/learn/
– Keatron's Infosec Skills courses: https://www.infosecinstitute.com/authors/keatron-evans/

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with  skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.