FireEye recently announced that it had been hit by a hack that seems to have been going on for a long time. The situation became very critical in the attack, where hackers were found to be in the systems for a long time. Because the FireEye company was responsible for the security of many government agencies in America.

The attack detected that a software called SolarWinds, which FireEye uses to monitor networks, was due to software updates infected with malicious code. Such attacks are called "supply chain attacks".

How can we avoid these attacks that affect the world?

• First of all, you should make sure that all the software you use in your organization has passed the security tests.
• By having your institution make penetration tests at regular intervals, you should identify the vulnerabilities of your institution and take precautions against these vulnerabilities.
• In order to prevent such attacks within your organization, you should use security software that can make proactive reporting.
• By regularly performing threat simulations, you can increase the level of action of your institution to higher levels.
• Instead of getting SoC service, you can set up a SoC center.
• Instead of opening your critical systems to the internet, you can use innovative ZTNA solutions in your institution without opening them to the internet.
• Before receiving updates, you can observe the movements of such updates on SANDBOXs and then integrate them into your institution.