SolarWinds

SolarWinds develops IT management software, notably the Orion platform, which provides network monitoring, performance management, and IT operations capabilities. The Orion software is distributed via update mechanisms to customers. The company serves a broad range of organizations seeking to manage and monitor their IT infrastructure. Its solutions are designed to give administrators visibility into network devices, servers, and applications. By consolidating monitoring functions, SolarWinds aims to simplify IT operations for its users.

Headquartered in the United States, SolarWinds maintains its corporate base in the United States of America. The company has a customer base exceeding 18,000 organizations, as indicated by the widespread distribution of a compromised update in 2020. This footprint reflects a significant presence across various sectors that rely on its software for operational visibility. Customers include government agencies, technology firms, and other enterprises that depend on continuous IT monitoring. The scale of its deployment underscores the trust placed in its products by a large and diverse user base.

SolarWinds is recognized for its focus on integrated IT infrastructure management solutions, with the Orion suite being a central offering. The 2020 supply chain incidents highlighted both the sophistication of attackers who inserted the Sunburst backdoor into legitimate updates and the subsequent exploitation via the Supernova web shell targeting unpatched instances. These events underscored the critical role of secure software update processes in its product delivery. The initial Sunburst campaign used forged digital certificates to sign malicious updates, enabling stealthy distribution. The later Supernova activity leveraged a known vulnerability in exposed Orion instances, demonstrating a different, less sophisticated attack vector. Together, the incidents illustrate how weaknesses in update mechanisms can be exploited for initial access and subsequent hands‑on exploitation. As a result, SolarWinds’ security posture and the integrity of its build environment have become notable points of discussion in the cybersecurity community.