There are many well-researched articles written about the SolarWinds compromise. However, given the skills demonstrated by malicious actors and suspicion regarding the attribution, the question remains: “Have we uncovered all avenues that the attack might have taken place or are there instances and patterns that conventional methods cannot or may not yet uncover?”
In short, the answer is no.
Webinar | SolarWinds SUNBURST Compromise Case Study 🔗︎
In this webinar, focusing on the recent SolarWinds compromise, we will demonstrate how you can use the new DNSDB Flexible Search Transforms with Maltego to discover and uncover key assets and activities that might have been hidden during mainstream investigations using conventional tools and methods. Using historical passive DNS, we will show you how you can access recorded evidence of the past events – distant and recent – even if the DNS assets (domain names, IP addresses, etc.) have long disappeared from the internet or those that have been lawfully seized.
Meet the Speakers 🔗︎
The speakers in this webinar are Roy Boetticher from Maltego and Boris Taratine from Farsight.
Download and watch this webinar now to learn how historical passive DNS observations can assist to uncover past, present and even future threats.
With Farsight DNSDB Transforms , investigators can correlate and contextualize with real-time and historical DNS intelligence; also known as passive DNS data. These Transforms and data help investigators expose entire networks, gain an outside-in view of their infrastructure and pivot across DNS record types
You can access the Farsight DNSDB Transform Hub item by participating in a free trial with limited query numbers, directly on the Maltego Desktop Client. To request a 30-day free trial or subscription, please send your inquiry here .