Businesses investigating whether they are victims of, or are still affected by, the SolarWinds attack campaign now have access to a free toolkit that Microsoft used to remove the malware from its own code.
Microsoft is releasing the CodeQL queries it used to analyze its source code following the discovery of the SolarWinds breach. CodeQL is a tool in GitHub’s Advanced Security toolset; the queries Microsoft used with CodeQL root out code that shares similarities in functions and patterns with the SolarWinds binary. These queries can be run against any software to look for signs of the SolarWinds attack campaign.
To Read More: Dark Reading