SolarWinds breach: Insights from the trenches | Live incident response demo
It’s been a busy week for cybersecurity professionals as they respond to the SolarWinds breach. On December 13, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to immediately “disconnect or power down SolarWinds Orion products" as they were being actively exploited by malicious actors.
Infosec Skills author and KM Cyber Security managing partner Keatron Evans is helping numerous clients respond to the breach. In this live discussion and incident response demo (recorded Friday, December 18) he covers what happened with the SolarWinds supply chain attack, immediate action you can take to protect your systems and industry responses to help mitigate the incident. He also provides a live demo of Snort, memory forensics and Zeek, as well as a live Q&A with attendees.
- 10-minute Snort demo for SolarWinds and Sunburst incident response: https://www.youtube.com/watch?v=wG8dLV-LZwY
- 10-minute memory forensics demo of SolarWinds and Sunburst: https://www.youtube.com/watch?v=uLGLCv1Cu6A
- FireEye Mandiant SunBurst countermeasures: https://github.com/fireeye/sunburst_countermeasures
- McAfee analysis into the Sunburst backdoor: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
- Keatron’s free Cyber Work Applied training videos: https://www.infosecinstitute.com/learn/
- Keatron’s Infosec Skills courses: https://www.infosecinstitute.com/authors/keatron-evans/
Cyber Work listeners get a free month of Infosec Skills!
Use code "cyberwork" to get 30 days of unlimited cybersecurity training.

Weekly career advice
Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Carbon Black, IBM, CompTIA and others to discuss the latest cybersecurity workforce trends.

Hands-on training
Get the hands-on training you need to learn new cybersecurity skills and keep them relevant. Every other week on Cyber Work Applied, expert Infosec instructors and industry practitioners teach a new skill — and show you how that skill applies to real-world scenarios.

Q&As with industry pros
Have a question about your cybersecurity career? Join our special Cyber Work Live episodes for a Q&A with industry leaders. Get your career questions answered, connect with other industry professionals and take your career to the next level.