How Do You Navigate the SolarStorm* Attack?

*SolarStorm is the name we assigned to the recent campaign of attacks connected to a suspected nation state actor behind the SolarWinds SUNBURST malware

How Can We Help?

SolarStorm Rapid Response Programs

Rapid Response Security Assessment

Solarstorm Rapid Assessment

Assess Your Exposure for Free in 72 hours

Our team will help you locate the at-risk servers owned by your organization and assess whether you’ve been compromised free of charge. After we’ve completed our analysis, we’ll provide you with a SolarStorm Assessment Report brought to you by Expanse and Unit 42.


Rapid Response Security Assessment-2

Solarstorm Initial Cybersecure Engagement

Investigate, Remediate and Protect

If you think you are exposed, we can directly engage an expert team dedicated to this program, for a full investigation and remediation of the incident, which includes 200 Unit 42 IR hours, two months of Expanse and two months of Cortex XDR.

Nikesh Arora CEO and Chairman

If you think you are prepared for what comes next, you are not.

Nikesh Arora CEO and Chairman

Expert Discussions

Understanding SolarStorm

Rapid Response Security Experts


Understanding the SolarStorm Threat

Palo Alto Networks leaders get together to discuss the threat actor that has taken over the security agenda.
Rapid Response Security Assessment-2


Navigating the current SolarStorm and future attacks

March 9, 9:00 AM PST
Will the US Government Recognize SolarWinds as a Cyber Inflection Point?

SolarStorm white paper

"Recently, we experienced an attempt to download Cobalt Strike on one of our IT SolarWinds servers. Cortex XDR instantly blocked the attempt with our Behavioral Threat Protection became clear that the incident we prevented was an attempted SolarStorm attack." - Nikesh Arora, CEO

XDR technology is disrupting cybersecurity by driving behavioral threat protection across all security data sources instead of established data silos. This means fewer blind spots and much better protection against advanced attacks.


SolarStorm Rapid Response Datasheet

To help you assess, remediate, and recover from the SolarStorm attack, Palo Alto Networks has developed a SolarStorm Rapid Assessment and a SolarStorm Cybersecure Engagement. Read this datasheet to learn about these two offerings.


Cortex XSOAR Rapid Response Playbook

Cortex XSOAR has launched a rapid response playbook to speed up the discovery of SolarWind installations within your network and uncover signs of a potential SolarStorm activity.


Cortex XDR SolarStorm Impact Reports

The Cortex XDR Managed Threat Hunting team carried out searches in all XDR customer environments this week for any attack indicators. Maintaining a high level of privacy, they were able to notify customers who need to perform further investigation.


Expanse Reveals SolarWinds Breach and Attacker Communications

Expanse leverages capabilities of its Expander and Behavior products to identify Internet-facing SolarWinds instances and detect customer communications with threat actor infrastructure.