SOLARWINDS A SANS Lightning Summit

Thursday, 04 Feb 2021 12:00PM EST (04 Feb 2021 17:00 UTC)
Speakers: Michael Murr, Rob Lee, Dr. Johannes Ullrich, Evan Dygert, John Hubbard, Mark Bristow, Katie Nickels

This hour and a half long Lightning Summit will feature six different 10-minute talks from SANS instructors across various disciplines.

It has been over a month since SolarWinds made public that it was breached and a backdoor known as SUNBURST had been inserted into its flagship product. During the last month, the information security community has come together to share and learn about how to defend against this attack. In this SANS Lightning Summit, SANS instructors will present lightning talks summarizing some of the key lessons learned.

The compromised SolarWinds Orion platform is at the heart of many organizations. It monitors and manages enterprise infrastructure. The platform has full access to all managed assets. This made the backdoor attackers introduced into SolarWinds Orion a worst-case scenario supply chain attack. The attack started as early as March, but was not detected until December which provided ample time for attackers to roam and compromise the networks managed by SolarWinds Orion.

You will learn: '

about the larger concern of supply chain attacks
how others have approached it (good and bad)
what you may have missed about SolarWinds/Sunburst
what it means to have a trust compromise and how to recover
how you are able to protect yourself or detect compromise

Talks include:

Overview and Intro - Rob Lee ' FOR508 Advanced Incident Response Author and Instructor

KEY CTI Takeaways - - Katie Nickels ' FOR578 Cyber Threat Intelligence Instructors
Hunting and incident response key takeaways from the field - Mark Bristow ' ICS515: ICS Active Defense and Incident Response Instructor
Takeaways from SolarWinds Malware Analysis and why it is important - 'Evan Dygert ' FOR610 Malware Analysis Instructor
Best and Worst organizational approaches to SolarWinds/SunBurst Incident (Detection, Response, Remediation). 'Rating effective hunting approaches for SolarWinds. - Mike Murr
Blue Team Approaches in Preventing and 'Detection of SolarWinds in the Future - John Hubbard ' SEC450: Blue Team Fundamentals: Security Operations and Analysis Author and Instructor
Beyond SolarWinds: What we need to learn about supply chain attacks NOW. - Dr. Johannes Ulrich ' Internet Storm Center Lead

SolarWinds/Sunburst Panel with all 6 Speakers and moderator for 30 min at the end.

Speakers:

Rob Lee

Katie Nickels

Mark Bristow

Evan Dygert

Mike Murr

John Hubbard

Dr. Johannes Ullrich

Login to Register

Related Content

Why SANS - Blog - Zero Trust - Zero Trust Network Architecture- Ready for Prime Time__340 x 340.jpg

November 15, 2024

Zero Trust Network Architecture: Ready for Prime Time?

This infographic outlines the principles of implementing a Zero Trust architecture by focusing on strategies like micro-segmentation and continuous authentication.For a deeper dive into these topics, download the SANS Zero Trust Strategy Guide and watch the YouTube video to gain actionable...

Why SANS - Blog - Critical Infrastructure - Supply Chain Attacks- Why Security Leaders Must Act Now_340 x 340.jpg

November 15, 2024

Fortifying the Supply Chain: Strategies for Modern Security Challenges

This infographic emphasizes securing the supply chain against modern threats by distinguishing supply-chain risks from internal risks and recommending best practices for managing external dependencies.For a deeper dive into these topics, download the ICS Strategy Guide and watch the YouTube video...

Cybersecurity Insights, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Cloud Security, Open-Source Intelligence (OSINT), Cybersecurity Leadership, Security Awareness, Artificial Intelligence (AI)

December 18, 2023

Top 15 SANS Summit Talks of 2023

This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.