Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Developing and Testing an Effective Breach Response PlanWhether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to:
-understand the technical environment,
-determine what types of incidents would trigger the plan,
-know which stakeholders need to be notified and how to do so,
-develop steps to contain the breach, collect evidence, and initiate recovery.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
User Rank: Ninja
7/15/2021 | 1:21:20 PM
Was this a supply chain issue or was this a flaw in a program that is part of the application that Solarwinds happen to select (not sure why they did not use WinSCP or OpenSSH but that is for another conversation)? In addition, the software has a peer-to-peer file sharing capability and folder synchronization (that is your problem right there), not sure why this was allowed to be part of the application stack, OpenSSH gives you that capability over an encrypted tunnel or WinSCP does the same thing.
In addition, since this uses SSH and Key-Mgmt capabilities, this should have not been compromised because the key should have been unique during its creation process or unless someone created a backdoor in the key creation process, not sure there but not sure why they did not remove the "P2P" file-sharing process.
Oh well, too late to cry over spilled milk, the damage has already been done.
Todd