*SolarStorm is the name we assigned to the recent campaign of attacks connected to a suspected nation state actor behind the SolarWinds SUNBURST malware
Solarstorm Rapid Assessment
Our team will help you locate the at-risk servers owned by your organization and assess whether you’ve been compromised free of charge. After we’ve completed our analysis, we’ll provide you with a SolarStorm Assessment Report brought to you by Expanse and Unit 42.
Solarstorm Initial Cybersecure Engagement
If you think you are exposed, we can directly engage an expert team dedicated to this program, for a full investigation and remediation of the incident, which includes 200 Unit 42 IR hours, two months of Expanse and two months of Cortex XDR.
To help you assess, remediate, and recover from the SolarStorm attack, Palo Alto Networks has developed a SolarStorm Rapid Assessment and a SolarStorm Cybersecure Engagement. Read this datasheet to learn about these two offerings.
Cortex XSOAR has launched a rapid response playbook to speed up the discovery of SolarWind installations within your network and uncover signs of a potential SolarStorm activity.
The Cortex XDR Managed Threat Hunting team carried out searches in all XDR customer environments this week for any attack indicators. Maintaining a high level of privacy, they were able to notify customers who need to perform further investigation.
Expanse leverages capabilities of its Expander and Behavior products to identify Internet-facing SolarWinds instances and detect customer communications with threat actor infrastructure.