Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 400 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
In light of the SolarWinds compromise, Optiv recommends taking the following steps to help reduce exposure:
Per SolarWinds, known affected products are: Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, or with 2020.2 HF 1, including:
Application Centric Monitor (ACM)
Database Performance Analyzer Integration Module* (DPAIM*)
Enterprise Operations Console (EOC)
High Availability (HA)
IP Address Manager (IPAM)
Log Analyzer (LA)
Network Automation Manager (NAM)
Network Configuration Manager (NCM)
Network Operations Manager (NOM)
User Device Tracker (UDT)
Network Performance Monitor (NPM)
NetFlow Traffic Analyzer (NTA)
Server & Application Monitor (SAM)
Server Configuration Monitor (SCM)
Storage Resource Monitor (SRM)
Virtualization Manager (VMAN)
VoIP & Network Quality Manager (VNQM)
Web Performance Monitor (WPM)
SolarWinds announced today that its product was allegedly used to breach multiple high-profile organizations. One of these organizations was FireEye. FireEye made the breach public last week, and today released a detailed report showing how SolarWinds was used to breach its network.
Attackers appear to have compromised SolarWinds early in 2020, adding a back door to a key SolarWinds library. This modified library was delivered to selected SolarWinds customers via the company’s normal update process.
Attackers would then be able to enable/disable security tools, change configurations, load unauthorized patches or prevent patches from being applied, among other things.
At this point, a list of organizations selected during the attack is not public.
Currently, the following names are used to describe the attack:
What you should consider doing at this point –
IOCs from Microsoft's report:
As always, Optiv stands ready to assist you with any security matter during these complex and trying times. If you need help, please do not hesitate to contact us at email@example.com.
Software supply chain compromise explained: What you need to know and lessons learned. Join us for an important panel discussion featuring Optiv threat experts, who will uncover what we know of the compromise and its implications for organizations.