You can find each list at the end of this research. After the 12-day dormant period, SUNBURST’s malicious code looks for processes, services, and drivers. This common phenomenon is a prime example of why lengthy EDR data retention is critical. The malware deployed through the SolarWinds Orion platform waits 12 days before it executes. Without any updates, SentinelOne customers are protected from SUNBURST. Additionally, our customers have been supplied with bespoke in-product hunting packs for real-time artifact observability.