January 12, 2021

Anomali Provides Free SolarWinds Sunburst Backdoor Threat Bulletin and Indicators of Compromise (IOCs), Curated Threat Intelligence Helps Any Organization to Detect Related Breaches

Custom Threat Intelligence Dashboard Provides Anomali Customers With Immediate Access and Visibility to All Known Sunburst Backdoor IOCs

REDWOOD CITY, Calif. — Jan. 12, 2021 — Anomali, the leader in intelligence-driven cybersecurity solutions, today announced availability of curated open source threat intelligence (OSINT) that any organization can use to determine if they have been impacted by the SolarWinds Sunburst backdoor supply chain cyberattack. As part of the free package, users have access to an Anomali Threat Bulletin that provides an incident overview, key findings, and recommended defensive actions. In addition to the bulletin, the OSINT includes a list of more than 2,000 associated indicators of compromise (IOCs) that will aid organizations in detecting if the suspect APT has established a presence in their networks.

“Several years ago, the security industry began understanding that almost all public and private sector organizations were compromised or would be at some point in time, which led enterprises and government agencies to recognize that the ability to detect intrusions was as critical as the ability to prevent them,” said Hugh Njemanze, CEO, Anomali. “The SolarWinds attack proved that even the most advanced security expertise and expansive resources can’t prevent breaches from occurring, which is why Anomali continues to help the security community detect and mitigate major cybersecurity threats as quickly as possible.”

In addition to the complimentary bulletin and IOCs, Anomali Threat Research launched a custom threat intelligence dashboard called Sunburst Backdoor. Now available to Anomali ThreatStream customers, the dashboard is accessible via the user console and is preconfigured to provide immediate access and visibility into all known Sunburst Backdoor IOCs that are made available through commercial and open-source threat feeds that users manage on ThreatStream. Customers using ThreatStream, Anomali Match, and Anomali Lens can immediately detect any IOCs present in their environments, quickly consume threat bulletins containing machine readable IOCs to operationalize threat intelligence across their security infrastructures, and communicate to all stakeholders how they have been impacted.

To learn more about how Anomali is helping its customers and the greater security community to defend against the SolarWinds Sunburst backdoor attack and to download the gratis threat bulletin and IOCs, read our blog: Actionable Threat Intelligence Available for Sunburst Cyber Attacks on SolarWinds

To learn more about the Anomali ThreatStream custom SolarWinds Sunburst backdoor dashboard, read: Anomali ThreatStream Sunburst Backdoor Custom Dashboard Provides Machine Readable IOCs Related To SolarWinds Supply Chain Attack

To stay up to date on new issues related to visibility, detection and response to the Sunburst cyber attack, please visit: Sunburst Attack Resource Center


About Anomali
Anomali is the leader in intelligence-driven cybersecurity. More than 1,500 public and private sector organizations rely on Anomali to see and detect threats more quickly, reduce the risk of security breaches, and improve security operations productivity. Anomali solutions serve customers around the world in nearly every major industry vertical, including many of the Global 2000. As an early threat intelligence innovator, Anomali was founded in 2013 and is backed by leading venture firms including GV, Paladin Capital Group, In-Q-Tel, Institutional Venture Partners, and General Catalyst. Learn more at www.anomali.com.