SolarWinds Incident Response
SolarWinds, a monitoring software company, recently released information regarding a security incident that impacted their enterprise monitoring application, Orion. Orion is one of the most common monitoring applications used by internal IT teams and MSPs all over the world. However, Thrive does NOT use Orion in any of our service offerings, but rather a different product called “N-Central”. This is a completely different platform, formerly known as N-able, which was purchased several years ago and runs as a separate division within SolarWinds. The source code for Orion and N-Central are not shared and they each run independently on separate operating systems.
Thrive has spoken directly with SolarWinds leadership and they confirmed to us that their investigation has found no threats to N-Central or other SolarWinds MSP products. In addition to that investigation, the Thrive Security Team has completed our own review of this exploit. Based on our analysis of currently available public information, we determined that the N-Central technology was NOT susceptible to the same attack methodology that was used against Orion.
If any of our Customers are running SolarWinds Orion on your networks or within your organizations, please use the following link to get more details on how to remediate the issue, along with some additional background on the exploit: https://www.solarwinds.com/securityadvisory