All SentinelOne Customers Protected from SolarWinds SUNBURST Attack
SentinelOne Devices are Protected from SUNBURST Backdoor Without Any Software Updates or Configuration Changes
SentinelOne, the autonomous cybersecurity platform company, confirmed that all its customers are autonomously protected from SUNBURST, the malware variant at the heart of the SolarWinds attack campaign, without requiring any updates to the SentinelOne XDR platform. Specifically targeting the finance, government, healthcare, education, and infrastructure verticals, the SolarWinds SUNBURST attack has swept the globe since campaign activation in March.
SentinelLabs, the research division of SentinelOne, has confirmed that devices with SentinelOne agents deployed were excluded from the SUNBURST attack from an early stage, even before any communication with a malicious C2. Technical analysis confirmed that SUNBURST was unable to disable or bypass SentinelOne in any environment.
“We’re continuously monitoring and testing the latest SUNBURST variants to ensure our customers remain protected,” said Raj Rajamani, Chief Product Officer, SentinelOne. “Unlike traditional antivirus and other next-gen products, SentinelOne’s autonomous AI and robust anti-tampering protected our customers at the point of attack – without requiring any reactive product updates. Our customers have confidence knowing SentinelOne has them secured.”
Recommended AI News: Sparta Systems Announces Availability of TrackWise 10 with QualityWise.ai Insights
Since the news of FireEye’s breach which led to the SUNBURST discovery, SentinelOne has closely followed the campaign and provided regular in-depth analysis and technical guidance to customers and the community at-large, including:
- Analysis of the latest IOCs and threat artifacts
- In-product hunting packs that enable customers to use SentinelOne’s Deep Visibility hunting module for one click retrospective hunts
- Surge license authorization to assist customers and partners in need of solutions and assistance
- Webinar briefings to help cybersecurity leaders communicate with executive and board audiences on today’s cybersecurity attack campaigns