Supernova Webshell

Description

This search aims to detect the Supernova webshell used in the SUNBURST attack.

   Help

Supernova Webshell Help

To successfully implement this search, you need to be monitoring web traffic to your Solarwinds Orion. The logs should be ingested into splunk and populating/mapped to the Web data model.

   Search

Open in Search