My Pulsant
Threat Intelligence Alert: Solarwinds SUNBURST vulnerability
Incident
Report for Pulsant Service
Resolved
We can confirm that we are patched in accordance with the latest guidance from Solarwinds and are cotinuing to monitor for any further updates.
Update
Pulsant remains vigilant and continues to monitor updates from Solarwinds along with other security channels in the industry. There have been no additional concerns raised since the previous update posted on 21st December.
Update
We continue to watch and review developments closely and in short, our position has not changed. Through our continuous checks, we have seen no indicators of compromise, and the statement we issued last week is still valid. Based on the information disclosed, at no time have we run the compromised software in the delivery of your services. We can also confirm that we have patched to the recommended SolarWinds HF2 version which resolves the known vulnerability. We can also confirm that, at this point, based on the information we have, we are confident that the other communicated breaches from Cisco and Microsoft have not affected Pulsant or our customers.
Monitoring
Pulsant have continued to monitor the situation and any further developments from SolarWinds. Details on Orion versions used within the Pulsant Infrastructure are being sent to customers to provide confidence that the compromised library has never existed within our infrastructure.
Pulsant will continue to monitor developments and provide updates if there is any signifcant change.
Pulsant will continue to monitor developments and provide updates if there is any signifcant change.
Identified
Pulsant are aware that Solarwinds recently announced a compromised software component in their Orion Monitoring Platform.
We can confirm that we are already running the latest recommended version (2020.2.1 HF1) which mitigates the exploit.
Our Infrastructure teams continue to work with Solarwinds in preparation for the release of 2020.2.1 HF2 which removes the vulnerable code.
Further information is available here: https://www.solarwinds.com/securityadvisory
We can confirm that we are already running the latest recommended version (2020.2.1 HF1) which mitigates the exploit.
Our Infrastructure teams continue to work with Solarwinds in preparation for the release of 2020.2.1 HF2 which removes the vulnerable code.
Further information is available here: https://www.solarwinds.com/securityadvisory