Safeguard
Tag

sunburst

Safeguard articles tagged "sunburst" — guides, analysis, and best practices for software supply chain and application security.

7 articles

Threat Research

Build Pipeline Compromise: When the Factory Ships the Malware

A build pipeline compromise injects malicious code during CI/CD, so the software you sign and ship is already backdoored. Here is how it works and how to defend.

Jul 4, 20266 min read
Threat Research

Lessons from SolarWinds: When the Build Pipeline Becomes the Attack Surface

The SUNBURST backdoor reached roughly 18,000 organizations through a trojanized SolarWinds Orion update. Here is what actually happened, and the defenses that hold up years later.

Jul 1, 20266 min read
Vulnerability Analysis

The SolarWinds Supply Chain Attack Explained

How Russian intelligence hijacked SolarWinds' build system to backdoor Orion updates for 18,000 customers, and what security teams must do now.

Feb 11, 20267 min read
Supply Chain Attacks

SolarWinds Sunburst: Five Years of Lessons in 2026

Half a decade after Sunburst, the build system compromise still defines how we think about software supply chain risk. A look at what stuck and what did not.

Jan 9, 20265 min read
Industry Analysis

SolarWinds Lessons Two Years On: What Actually Changed

Two years after the SolarWinds SUNBURST compromise, the industry has new frameworks and new vocabulary — but has the build pipeline actually gotten harder to attack?

Feb 18, 20226 min read
Supply Chain Attacks

SolarWinds SUNBURST: Lessons for Supply Chain Security

The SolarWinds attack compromised 18,000 organizations through a single tampered update. Six months later, here's what the industry should have learned.

May 15, 20215 min read
Incident Analysis

SunBurst: A Supply Chain Attack Evolution Study

The SolarWinds SunBurst campaign rewrote the supply chain threat model. Five years of research reveal what changed and what defenders still miss.

Dec 18, 20206 min read
sunburst — Safeguard Blog