Putting the right tools in place
Fortunately, if you have the right tools in place you can often protect yourself against threats like these. SolarWinds® RMM offers tools to help you protect your customers without having to constantly check for US-CERT notifications.
- Patch management: Our patch management features are designed to simplify the process of patching across your customer base. You can set your customers’ systems to automatically apply patches based on criticality. If your customers automatically get critical Microsoft patches, they should already have this vulnerability closed. However, if you’re already an RMM customer and want to double check that the patches have been applied, you can search and filter for specific patches using the patch management workflow. You can view instructions on doing this in our help system.
- Endpoint detection and response: One of our newest features, SolarWinds Endpoint Detection and Response (EDR), powered by SentinelOne, uses artificial intelligence and machine learning to notice unusual behaviors on endpoints and take an appropriate action. For example, SolarWinds EDR could detect an attempt for an endpoint to establish outbound communications to another endpoint on the network and, if that’s unusual for the machine, block it and alert an MSP tech. Additionally, if SolarWinds EDR discovers a potential ransomware infection similar to WannaCry, it can take actions like quarantining the files and automatically rolling the system back to a known safe state.
If you don’t currently use SolarWinds RMM, you can try these features and more for free by starting a 30-day trial.
There’s still time to patch (but don’t wait)
As of now, cybercriminals haven’t launched a full-blown attack against this vulnerability. However, it may simply be a matter of time. It took only two months between discovering EternalBlue and the launch of the WannaCry attacks, so make sure you patch these systems as soon as possible. If an attack does make the news, you can confidently let your customers know you already have it covered.
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim’s experience has made him an in-demand expert on cybersecurity, and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.