BMC response to the SolarWinds Breach
A critical compromise of the SolarWinds Orion platform has created an immediate need to respond to the threat from a likely state-sponsored actor (Russia).
BMC - Response to the SolarWinds Breach/Malware
STATEMENT FROM BMC & PARK PLACE TECHNOLOGIES
Information & Resources regarding SolarWinds Orion Incident
As many are aware, SolarWinds Orion products experienced a security incident that has
compromised private and public companies alike. BMC and Park Place Technologies are
sympathetic towards any organization that may have been impacted. Given our valued
relationship with you and your business, our security team has compiled and recommended
the following actions and resources to work through this incident, should you be compromised.
1. Review the most current information to determine if your version of software was
vulnerable. SolarWinds has published a security advisory. With an incident of this
magnitude, information is subject to change, so continue to review communications, and
check their website frequently. Depending on your risk tolerance, you may want to
immediately disconnect or power down related software.
2. If your software version has been impacted, start your incident response processes, and
engage your teams to start gathering information.
3. Ask your security team to review and check for indicators of compromise. This will help
you scope the incident and understand how to apply your resources for remediation.
Some good resources include:
a. FireEye Threat Research
b. FireEye Mandiant SunBurst Countermeasures (GitHub)
c. CISA Active Exploitation of SolarWinds Software Activity Report
d. Internet Storm Center Solarigate Report
e. DHS Emergency Directive 21-01
4. Monitor the progress of your security vendors. Signatures and detection capabilities will
be released, so make sure that your security tools are updated with the latest capabilities.
As a valued customer, if you’re temporarily shutting down your SolarWinds Orion Network
Management products and looking for alternative solutions to monitor and ensure uptime in
your infrastructure, we’d like to extend a 90-day free offer on Entuity Network Analytics to
assist you in monitoring your infrastructure while you work to isolate any potentially
compromised hosts. Please reach out to us if you would like a demo of Entuity Network
Analytics software.
Additionally, BMC offers solutions that fully automate the remediation of network security
vulnerabilities, from detection of the exposure to closure, and deliver results 10X faster than
manual methods. Please reach out to us if you would like a demo or to learn more about
how Entuity minimizes the risk profile of vulnerabilities on your network, and how BMC can
improve your overall vulnerability management process.
PRODUCT DESCRIPTION
TrueSight Automation for Networks is a scalable, industry-leading solution that
automates the management of security vulnerabilities, configurations, compliance, and
provisioning. Network administrators can quickly take corrective action to reduce the
risk of breaches and reduce network outages. It also increases staff productivity and
allows labor to be shifted to more strategic tasks.
BUSINESS CHALLENGE
Today, IT organizations depend on high performing networks to keep their businesses
running at peak efficiency. They also need to make frequent network changes to
support new applications or business services. Additionally, new security threats emerge
every day, making it difficult to maintain a secure environment and achieve SLAs.
Often, these changes are executed manually, through device-by-device interactions via
CLIs or scripting. Detecting security vulnerabilities can require interfacing with
multiple hardware and software tools—and if a device is found to be vulnerable, IT
must take corrective action manually, risking errors that may cause expensive
downtime or failures.
BMC SOLUTION
TrueSight Automation for Networks helps close the window of vulnerability with
native, scan-less detection of security risks in real-time and one-touch rule generation
remediation actions. With this single solution, IT staff can manage physical and virtual
network devices, as well as SDN infrastructures, across most major platforms—
improving network agility and ensuring compliance.
TrueSight Automation for Networks
Drive agility, security, and compliance across your physical, virtual, and SDN infrastructure
KEY FEATURES
TrueSight Automation for Networks helps
admins automate and accelerate vulnerability
management, provisioning, configuration,
auditing, and maintenance of network
devices including routers, switches, load
balancers, firewalls, and IDS solutions.
• Vulnerability management – Fast,
automated, scanless detection of
vulnerabilities and automated remediation
based on Cisco® security advisories and the
National Vulnerability Database (NVD).
• Compliance – Built-in templates for
regulatory compliance, plus closed-loop
change tracking.
• SmartMerge – Auto-generate scripts to
execute changes or rollback entire
configurations without rebooting.
• Real-time status – Get configuration,
compliance or security data from across
the entire network in minutes.
• Scalability – Includes a multi-server
administration portal for greater scalability
and ease-of-use.
KEY BENEFITS
• Accelerate consistent, high-volume
network changes for greater uptime
• Reduce mean time to resolution (MTTR)
with visibility into change details and
business services impacted
Intuitive, interactive UI facilitates
triage and remediation.