{"id":62853,"date":"2021-01-26T03:28:00","date_gmt":"2021-01-26T11:28:00","guid":{"rendered":"https:\/\/forescoutstage.wpengine.com\/?page_id=62853"},"modified":"2024-03-08T10:05:30","modified_gmt":"2024-03-08T18:05:30","slug":"solarwinds","status":"publish","type":"page","link":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/","title":{"rendered":"SolarWinds Malware"},"content":{"rendered":"<h1>SolarWinds Malware<\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg\" class=\"u-size-full\" loading=\"lazy\"><\/p>\n<h2 class=\"c-title \">Get a CISO\u2019s Perspective<\/h2>\n<p>Given the widespread nature of the SolarWinds breach, Forescout has proactively conducted a thorough security review to validate the integrity of our product binaries and security of our software delivery chain:<\/p>\n<ul>\n<li>Forescout has reviewed the recent disclosures around the additional vulnerabilities found in the context of SolarWinds, named Raindrop and Supernova.<\/li>\n<li>Forescout does not currently run any versions of SolarWinds Orion software.<\/li>\n<li>Forescout previously ran SolarWinds version 2018.2 and 2016.1.5300, and after an extensive investigation, found no evidence that Forescout has been compromised by Supernova or Raindrop.<\/li>\n<li>We have enabled all previously disabled product downloads.<\/li>\n<li>Forescout\u202fis\u202fcontinually\u202ftesting, updating and monitoring our own networks to maximize our security posture.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.forescout.com\/company\/blog\/forescouts-commitment-to-cybersecurity-update-on-solarwinds\/\" title=\"See Our Response\" class=\"c-btn c-btn--primary\">See Our Response<\/a><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-incident-exclamation-mark.svg\" class=\"u-size-full\" loading=\"lazy\"><\/p>\n<h2 class=\"c-title \">Forescout\u2019s Incident Response<\/h2>\n<p>Our Security Incident Response Team is taking these additional actions in response to the SolarWinds breach:<\/p>\n<ul>\n<li>Verifying system hygiene to ensure patching for all CVEs noted in the FireEye report.<\/li>\n<li>Updating information security tool configurations to scan for Indicators of Compromise (IOCs) for this attack and investigating any relevant alerts.<\/li>\n<li>Performing a gap analysis comparing new malware, tools and tactics against existing countermeasures and applying mitigation to any gaps found.<\/li>\n<li>Reviewing historical log data and looking for new IOCs related to the SolarWinds attack.<\/li>\n<\/ul>\n<p><img decoding=\"async\" src=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-protection-eye.svg\" class=\"u-size-full\" loading=\"lazy\"><\/p>\n<h2 class=\"c-title \">Protect Your Network<\/h2>\n<p>Customers can identify and reduce their exposure from vulnerable versions of SolarWinds software inside their environment using Forescout products:<\/p>\n<ul>\n<li>Forescout eyeSight: The latest Security Policy Template (SPT) helps detect vulnerable SolarWinds versions and impacted systems.<\/li>\n<li>Forescout eyeInspect: An eyeInspect script is available to detect the presence of SUNBURST malware in OT environments, and the Forensics Time Machine capability can be used to scan historical network logs for IOCs.<\/li>\n<li>Forescout eyeSegment and eyeControl can be used to contain and limit access to and from affected SolarWinds systems and apply risk mitigation actions to limit exposure.<\/li>\n<\/ul>\n<p>Forescout customers can get the latest detection scripts, documentation and updates via our support portal or contacting Forescout Customer Care.<\/p>\n<p><a href=\"https:\/\/www.forescout.com\/support-hub\/customer-support\/\" title=\"Customer Support\" class=\"c-btn c-btn--primary\">Customer Support<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>SolarWinds Malware Get a CISO\u2019s Perspective Given the widespread nature of the SolarWinds breach, Forescout has proactively conducted a thorough security review to validate the integrity of our product binaries and security of our software delivery chain: Forescout has reviewed the recent disclosures around the additional vulnerabilities found in the context of SolarWinds, named Raindrop [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"parent":70336,"menu_order":162,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"ep_exclude_from_search":false,"footnotes":"","_links_to":"","_links_to_target":""},"coauthors":[407],"class_list":["post-62853","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SolarWinds Malware - Forescout<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SolarWinds Malware - Forescout\" \/>\n<meta property=\"og:description\" content=\"SolarWinds Malware Get a CISO\u2019s Perspective Given the widespread nature of the SolarWinds breach, Forescout has proactively conducted a thorough security review to validate the integrity of our product binaries and security of our software delivery chain: Forescout has reviewed the recent disclosures around the additional vulnerabilities found in the context of SolarWinds, named Raindrop [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/\" \/>\n<meta property=\"og:site_name\" content=\"Forescout\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ForescoutTechnologies\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-08T18:05:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@Forescout\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/\",\"url\":\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/\",\"name\":\"SolarWinds Malware - Forescout\",\"isPartOf\":{\"@id\":\"https:\/\/www.forescout.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg\",\"datePublished\":\"2021-01-26T11:28:00+00:00\",\"dateModified\":\"2024-03-08T18:05:30+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#primaryimage\",\"url\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg\",\"contentUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.forescout.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vedere Labs\",\"item\":\"https:\/\/www.forescout.com\/research-labs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SolarWinds Malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.forescout.com\/#website\",\"url\":\"https:\/\/www.forescout.com\/\",\"name\":\"Forescout\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.forescout.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.forescout.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.forescout.com\/#organization\",\"name\":\"Forescout Technologies, Inc.\",\"url\":\"https:\/\/www.forescout.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg\",\"contentUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg\",\"width\":1,\"height\":1,\"caption\":\"Forescout Technologies, Inc.\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/ForescoutTechnologies\",\"https:\/\/x.com\/Forescout\",\"https:\/\/www.instagram.com\/forescouttechnologies\/\",\"https:\/\/www.linkedin.com\/company\/forescout-technologies\",\"https:\/\/www.youtube.com\/user\/forescout1\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SolarWinds Malware - Forescout","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/","og_locale":"en_US","og_type":"article","og_title":"SolarWinds Malware - Forescout","og_description":"SolarWinds Malware Get a CISO\u2019s Perspective Given the widespread nature of the SolarWinds breach, Forescout has proactively conducted a thorough security review to validate the integrity of our product binaries and security of our software delivery chain: Forescout has reviewed the recent disclosures around the additional vulnerabilities found in the context of SolarWinds, named Raindrop [&hellip;]","og_url":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/","og_site_name":"Forescout","article_publisher":"https:\/\/www.facebook.com\/ForescoutTechnologies","article_modified_time":"2024-03-08T18:05:30+00:00","og_image":[{"url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_site":"@Forescout","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/","url":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/","name":"SolarWinds Malware - Forescout","isPartOf":{"@id":"https:\/\/www.forescout.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#primaryimage"},"image":{"@id":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#primaryimage"},"thumbnailUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg","datePublished":"2021-01-26T11:28:00+00:00","dateModified":"2024-03-08T18:05:30+00:00","breadcrumb":{"@id":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.forescout.com\/research-labs\/solarwinds\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#primaryimage","url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg","contentUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2021\/06\/solarwinds-blog-graphic.svg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.forescout.com\/research-labs\/solarwinds\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.forescout.com\/"},{"@type":"ListItem","position":2,"name":"Vedere Labs","item":"https:\/\/www.forescout.com\/research-labs\/"},{"@type":"ListItem","position":3,"name":"SolarWinds Malware"}]},{"@type":"WebSite","@id":"https:\/\/www.forescout.com\/#website","url":"https:\/\/www.forescout.com\/","name":"Forescout","description":"","publisher":{"@id":"https:\/\/www.forescout.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.forescout.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.forescout.com\/#organization","name":"Forescout Technologies, Inc.","url":"https:\/\/www.forescout.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg","contentUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg","width":1,"height":1,"caption":"Forescout Technologies, Inc."},"image":{"@id":"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ForescoutTechnologies","https:\/\/x.com\/Forescout","https:\/\/www.instagram.com\/forescouttechnologies\/","https:\/\/www.linkedin.com\/company\/forescout-technologies","https:\/\/www.youtube.com\/user\/forescout1"]}]}},"featured_media_url":false,"is_file":false,"excerpt_manually_set":false,"_links":{"self":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/pages\/62853","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/comments?post=62853"}],"version-history":[{"count":0,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/pages\/62853\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/pages\/70336"}],"wp:attachment":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/media?parent=62853"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/coauthors?post=62853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}