Solarigate

Detecting SUNBURST/Solarigate activity in retrospect with Zeek

By Ben Reardon – December 21, 2020

The threat actors who created SUNBURST went to extraordinary lengths to hide Command-and-Control (C2) traffic by mimicking the nature of communication patterns used by legitimate software within the SolarWinds package. Read more »

Finding SUNBURST backdoor with Zeek logs & Corelight

By John Gamble – December 14, 2020

UPDATE 12-16-20: Corelight Resources Read more »

Bright Ideas Blog

Solarigate

Detecting SUNBURST/Solarigate activity in retrospect with Zeek

Finding SUNBURST backdoor with Zeek logs & Corelight

Search

Recent Posts

Categories

Archives

Authors