Get Started

          Solarigate

          Detecting SUNBURST/Solarigate activity in retrospect with Zeek

          The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the SolarWinds package. Read more »

          Finding SUNBURST backdoor with Zeek logs & Corelight

          UPDATE 12-16-20: Corelight Resources Read more »

          Search

            Recent Posts