Elastic Security has enhanced its malware prevention technology to protect against the SUNBURST attack, which compromised several versions of the SolarWinds Orion management platform. The attack, disclosed by SolarWinds and FireEye, involves a supply-chain compromise affecting software released between March and June 2020. Elastic Security's existing and new rules aim to identify and mitigate threats associated with the attack, using machine learning models and behavioral detections for various suspicious activities. Users are encouraged to update their systems, enable detection rules, and engage in threat hunting to identify potential compromises. Elastic also provides resources for users, including step-by-step instructions for using machine learning models to detect Domain Generation Algorithm (DGA) activity, and continues to monitor the situation so that it can update protections as new information becomes available.